1d8973a27335564074cb11e4dbb662113293f89f70a3116ebebb1d8323bf3cf0 | Triage

Sharing

General

Target

1d8973a27335564074cb11e4dbb662113293f89f70a3116ebebb1d8323bf3cf0
Size

204KB
Sample

221029-zaemfadhd7
MD5

55b4746547b7f889d19b47d472a8fa6b
SHA1

62629f0b9f42a6384af063997d28b3effc7620f9
SHA256

1d8973a27335564074cb11e4dbb662113293f89f70a3116ebebb1d8323bf3cf0
SHA512

9205066c65c7e55783ab0cc7edd3a059f2467507417fb12cf1bca80c63452af4e0f96fd64953fd34a43f16e441c48fc6950fa02846c76e93b3abb9235aab6d07
SSDEEP

768:Dudxgudxg1iMaNjOCHRFjwRk3IsIgsfcXgLuf7fSOe5Y6Az:gzoAn70q3R9L+ufOTY

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  1d8973a27335564074cb11e4dbb662113293f89f70a3116ebebb1d8323bf3cf0
- Size
  
  204KB
- MD5
  
  55b4746547b7f889d19b47d472a8fa6b
- SHA1
  
  62629f0b9f42a6384af063997d28b3effc7620f9
- SHA256
  
  1d8973a27335564074cb11e4dbb662113293f89f70a3116ebebb1d8323bf3cf0
- SHA512
  
  9205066c65c7e55783ab0cc7edd3a059f2467507417fb12cf1bca80c63452af4e0f96fd64953fd34a43f16e441c48fc6950fa02846c76e93b3abb9235aab6d07
- SSDEEP
  
  768:Dudxgudxg1iMaNjOCHRFjwRk3IsIgsfcXgLuf7fSOe5Y6Az:gzoAn70q3R9L+ufOTY
Score

8^/10

evasion persistence
- Executes dropped EXE
- Stops running service(s)
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2