d9d269b658484744828b75b55a89a89e56d894c06cca2fdd2ea81fcfe7dbdd4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9d269b658484744828b75b55a89a89e56d894c06cca2fdd2ea81fcfe7dbdd4a
Size

28KB
Sample

221028-24e66sbbd2
MD5

056433e834129dbe16639760744cb6b1
SHA1

6abda03e715775b70684ccd6f8668fa5f315fde3
SHA256

d9d269b658484744828b75b55a89a89e56d894c06cca2fdd2ea81fcfe7dbdd4a
SHA512

5fc660fc8591e088c229b563c862944e6d8181d1efbe125bb16c06a525f1fee65e44d1a4bf6c80b11f4b0cf3cff9af0953fb4329d8ca180c4070f47a00f63f26
SSDEEP

768:eRnSu7F2uy1FrHwBWmXE3dEnpU/NPFAbHp:CSKFty1F4z03dXN+p

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  d9d269b658484744828b75b55a89a89e56d894c06cca2fdd2ea81fcfe7dbdd4a
- Size
  
  28KB
- MD5
  
  056433e834129dbe16639760744cb6b1
- SHA1
  
  6abda03e715775b70684ccd6f8668fa5f315fde3
- SHA256
  
  d9d269b658484744828b75b55a89a89e56d894c06cca2fdd2ea81fcfe7dbdd4a
- SHA512
  
  5fc660fc8591e088c229b563c862944e6d8181d1efbe125bb16c06a525f1fee65e44d1a4bf6c80b11f4b0cf3cff9af0953fb4329d8ca180c4070f47a00f63f26
- SSDEEP
  
  768:eRnSu7F2uy1FrHwBWmXE3dEnpU/NPFAbHp:CSKFty1F4z03dXN+p
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence