a44ce409a405b68486e81439025c2bf59b7a05beb109425e9b2b6afcd9455018 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a44ce409a405b68486e81439025c2bf59b7a05beb109425e9b2b6afcd9455018
Size

196KB
Sample

221028-1fslxsgffp
MD5

0de0f3394e58a4c61c7a81ff1c0d2d60
SHA1

79d20a47bfe65b2c12f546f03338a5f1e0398bfa
SHA256

a44ce409a405b68486e81439025c2bf59b7a05beb109425e9b2b6afcd9455018
SHA512

ee0f2cfe1d4fe075796039f5fe399df943f7e068040eebc687259eb95afc49bf218280ece8cbbe8e23cea6f679f2a372dc6627021c6dc48c5492d1bdab09c88e
SSDEEP

6144:a8W3uUPH3bX2a23NYcJQ8TfxZ85WJ007G9tSBN70Zfm:TW3uUPH3bX2a23NYcJQ8TfxZ9J0rtSzb

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  a44ce409a405b68486e81439025c2bf59b7a05beb109425e9b2b6afcd9455018
- Size
  
  196KB
- MD5
  
  0de0f3394e58a4c61c7a81ff1c0d2d60
- SHA1
  
  79d20a47bfe65b2c12f546f03338a5f1e0398bfa
- SHA256
  
  a44ce409a405b68486e81439025c2bf59b7a05beb109425e9b2b6afcd9455018
- SHA512
  
  ee0f2cfe1d4fe075796039f5fe399df943f7e068040eebc687259eb95afc49bf218280ece8cbbe8e23cea6f679f2a372dc6627021c6dc48c5492d1bdab09c88e
- SSDEEP
  
  6144:a8W3uUPH3bX2a23NYcJQ8TfxZ85WJ007G9tSBN70Zfm:TW3uUPH3bX2a23NYcJQ8TfxZ9J0rtSzb
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2