19341d7058ae011dd9047a79e28a5cf8a626b73870e93cee3d3087b79d60aa46 | Triage

Sharing

General

Target

19341d7058ae011dd9047a79e28a5cf8a626b73870e93cee3d3087b79d60aa46
Size

4KB
Sample

221106-fan2bsfchm
MD5

31bfb69dfe46c8634d224541d78ff200
SHA1

701049a8ec2d198fe754038daf2dc300224bbc53
SHA256

19341d7058ae011dd9047a79e28a5cf8a626b73870e93cee3d3087b79d60aa46
SHA512

326bd4da5567ebd511077b2b65c67bc5b3042a4667129d5aef8944e6d85add8d47cf65c71280b1884fe3c5040171b0e713148b3f23da8fb501e55148c1ead6e5
SSDEEP

96:LNpTc6T7aReJz3ZZk+wyCQ+BI9nElarjAhWPSHsIEdiZZZd/S4NQ:LNJ7aR0z3jk+wSUI906IWPwvEdgZZdK/

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  19341d7058ae011dd9047a79e28a5cf8a626b73870e93cee3d3087b79d60aa46
- Size
  
  4KB
- MD5
  
  31bfb69dfe46c8634d224541d78ff200
- SHA1
  
  701049a8ec2d198fe754038daf2dc300224bbc53
- SHA256
  
  19341d7058ae011dd9047a79e28a5cf8a626b73870e93cee3d3087b79d60aa46
- SHA512
  
  326bd4da5567ebd511077b2b65c67bc5b3042a4667129d5aef8944e6d85add8d47cf65c71280b1884fe3c5040171b0e713148b3f23da8fb501e55148c1ead6e5
- SSDEEP
  
  96:LNpTc6T7aReJz3ZZk+wyCQ+BI9nElarjAhWPSHsIEdiZZZd/S4NQ:LNJ7aR0z3jk+wSUI906IWPwvEdgZZdK/
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Disables Task Manager via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2