6f60815f8202ac7f96394fb935f7e7f125f11bc91748832a7b8abd65b34c9cc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f60815f8202ac7f96394fb935f7e7f125f11bc91748832a7b8abd65b34c9cc3
Size

124KB
Sample

221011-jcr3jscbc6
MD5

652040abf731f253023a96549ed01334
SHA1

37720b4222033dd7473a1951e04f420a4f9f4969
SHA256

6f60815f8202ac7f96394fb935f7e7f125f11bc91748832a7b8abd65b34c9cc3
SHA512

674093a540a5fb1b7dbf7b0198b31d49746d720aacb28a0536735ea15adf2deb692446a25379e32b71d0ab98dadef5451b92d59a3fdd3535fcb1f919aedd9f21
SSDEEP

3072:fYGgFDoVJlcwdYax64B9ztn0Aos43lgO1b7o3h:ffgloV4CYa8CB43lr1b78h

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  6f60815f8202ac7f96394fb935f7e7f125f11bc91748832a7b8abd65b34c9cc3
- Size
  
  124KB
- MD5
  
  652040abf731f253023a96549ed01334
- SHA1
  
  37720b4222033dd7473a1951e04f420a4f9f4969
- SHA256
  
  6f60815f8202ac7f96394fb935f7e7f125f11bc91748832a7b8abd65b34c9cc3
- SHA512
  
  674093a540a5fb1b7dbf7b0198b31d49746d720aacb28a0536735ea15adf2deb692446a25379e32b71d0ab98dadef5451b92d59a3fdd3535fcb1f919aedd9f21
- SSDEEP
  
  3072:fYGgFDoVJlcwdYax64B9ztn0Aos43lgO1b7o3h:ffgloV4CYa8CB43lr1b78h
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2