c3c5885e0d587017aed7769e7600eec2efdee07d80e131023a67c91e93209478 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3c5885e0d587017aed7769e7600eec2efdee07d80e131023a67c91e93209478
Size

22KB
Sample

221029-1x1c4ahfem
MD5

83a4656558770bae5e0025f41273678e
SHA1

61cd7d973fa0036c87d4bccc1cb49f34f7cb71f7
SHA256

c3c5885e0d587017aed7769e7600eec2efdee07d80e131023a67c91e93209478
SHA512

d26f79c19890089d6035d1234b9f55c86bd403ad72f113561570ca2b441a342fc2106643dda2069151f16479d1bfc306db5687f2c380c334839696113c59333b
SSDEEP

384:6cPyZNjtU2mPgALAT4Nlb514pajyidhzxZWRuW4d:nyZWrdNl4QyidlxZWw

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  c3c5885e0d587017aed7769e7600eec2efdee07d80e131023a67c91e93209478
- Size
  
  22KB
- MD5
  
  83a4656558770bae5e0025f41273678e
- SHA1
  
  61cd7d973fa0036c87d4bccc1cb49f34f7cb71f7
- SHA256
  
  c3c5885e0d587017aed7769e7600eec2efdee07d80e131023a67c91e93209478
- SHA512
  
  d26f79c19890089d6035d1234b9f55c86bd403ad72f113561570ca2b441a342fc2106643dda2069151f16479d1bfc306db5687f2c380c334839696113c59333b
- SSDEEP
  
  384:6cPyZNjtU2mPgALAT4Nlb514pajyidhzxZWRuW4d:nyZWrdNl4QyidlxZWw
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence