f9aa3708cba2a95eafc2b8a61d207c442c7e8a932de7d22a5e65ce320a6b962f | Triage

Sharing

General

Target

f9aa3708cba2a95eafc2b8a61d207c442c7e8a932de7d22a5e65ce320a6b962f
Size

39KB
Sample

221028-3w9lgsdaaq
MD5

0b776dc0656635f5e3b487c62b0621f2
SHA1

b4fb268d44634aa22abe85c8397d9368ef70001b
SHA256

f9aa3708cba2a95eafc2b8a61d207c442c7e8a932de7d22a5e65ce320a6b962f
SHA512

d6bf72c8d4cccd8a80cb6eb4e3dec50b7e7fe903868eb954896df8e5d5dfd076a86b1555a2cc46464dbcd4f596df743e7f7830df6ff788408060b2e7b73b1591
SSDEEP

768:zUyIAgchLA+F8IqptVRIGwI6UjClnJxtneNgLruUr1p3im83:4TuknbVRIGwsjClT4evuUp

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  f9aa3708cba2a95eafc2b8a61d207c442c7e8a932de7d22a5e65ce320a6b962f
- Size
  
  39KB
- MD5
  
  0b776dc0656635f5e3b487c62b0621f2
- SHA1
  
  b4fb268d44634aa22abe85c8397d9368ef70001b
- SHA256
  
  f9aa3708cba2a95eafc2b8a61d207c442c7e8a932de7d22a5e65ce320a6b962f
- SHA512
  
  d6bf72c8d4cccd8a80cb6eb4e3dec50b7e7fe903868eb954896df8e5d5dfd076a86b1555a2cc46464dbcd4f596df743e7f7830df6ff788408060b2e7b73b1591
- SSDEEP
  
  768:zUyIAgchLA+F8IqptVRIGwI6UjClnJxtneNgLruUr1p3im83:4TuknbVRIGwsjClT4evuUp
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2