029580b0b0c7b77e64cb7a51e4cf9cb40f991926833f58e46f2e7b3ccc499207 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

029580b0b0c7b77e64cb7a51e4cf9cb40f991926833f58e46f2e7b3ccc499207
Size

133KB
Sample

221014-nb2mtacgc3
MD5

60c4daa1f49e6d13f609cf3397ece440
SHA1

6fe35e8d45b91f7889bff18eb5251191e6f5e654
SHA256

029580b0b0c7b77e64cb7a51e4cf9cb40f991926833f58e46f2e7b3ccc499207
SHA512

d9d5cabf9c328e1a5c1b47e2378597b3c894528aad34aff044b18cb84564c982b567a1a3bf9ef2654d3ec66c3c8c7206479b20171a1520382f15ab830a4c8c5c
SSDEEP

3072:YYRkrHgZ06YkHteyHKOq6VqVMe7ws/YnWQMxy:YVrHg4kcyHpqlb5YjMx

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  029580b0b0c7b77e64cb7a51e4cf9cb40f991926833f58e46f2e7b3ccc499207
- Size
  
  133KB
- MD5
  
  60c4daa1f49e6d13f609cf3397ece440
- SHA1
  
  6fe35e8d45b91f7889bff18eb5251191e6f5e654
- SHA256
  
  029580b0b0c7b77e64cb7a51e4cf9cb40f991926833f58e46f2e7b3ccc499207
- SHA512
  
  d9d5cabf9c328e1a5c1b47e2378597b3c894528aad34aff044b18cb84564c982b567a1a3bf9ef2654d3ec66c3c8c7206479b20171a1520382f15ab830a4c8c5c
- SSDEEP
  
  3072:YYRkrHgZ06YkHteyHKOq6VqVMe7ws/YnWQMxy:YVrHg4kcyHpqlb5YjMx
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2