3e578059e6e9b4595e0fc04762c9bc56919d0024f5e2fa81fb5d29e29b8fee82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e578059e6e9b4595e0fc04762c9bc56919d0024f5e2fa81fb5d29e29b8fee82
Size

62KB
Sample

221029-y3deeaebgn
MD5

5063be1cd336e66b7c86b1d44ade7000
SHA1

ae11869d91f5259cfd70b1ed087e2659eb705493
SHA256

3e578059e6e9b4595e0fc04762c9bc56919d0024f5e2fa81fb5d29e29b8fee82
SHA512

4562baa5226e99a4e16375b4d10791503a134d3fe747669ca97131368dae15956fb21709f331a16c87a3ce21bfad245300b8e3e639e44954e146b22a4dace5f2
SSDEEP

384:y1dLdCYsFeeJSDvzalGUSuVTqvErH+gY5Ah63JtnX0V5gFnYndJlXaA7v:ynQYsFzJMvcGUStEreVAE5lX0gnYd

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  3e578059e6e9b4595e0fc04762c9bc56919d0024f5e2fa81fb5d29e29b8fee82
- Size
  
  62KB
- MD5
  
  5063be1cd336e66b7c86b1d44ade7000
- SHA1
  
  ae11869d91f5259cfd70b1ed087e2659eb705493
- SHA256
  
  3e578059e6e9b4595e0fc04762c9bc56919d0024f5e2fa81fb5d29e29b8fee82
- SHA512
  
  4562baa5226e99a4e16375b4d10791503a134d3fe747669ca97131368dae15956fb21709f331a16c87a3ce21bfad245300b8e3e639e44954e146b22a4dace5f2
- SSDEEP
  
  384:y1dLdCYsFeeJSDvzalGUSuVTqvErH+gY5Ah63JtnX0V5gFnYndJlXaA7v:ynQYsFzJMvcGUStEreVAE5lX0gnYd
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence