4b6ba00c7ede0a35abc63eda4d36ff46aa0957a6357094a5ca75d2e9935114f0 | Triage

Sharing

General

Target

4b6ba00c7ede0a35abc63eda4d36ff46aa0957a6357094a5ca75d2e9935114f0
Size

320KB
Sample

221107-epm7xaacfr
MD5

0ee3e981961c66380e8a0dc224b0cdb1
SHA1

802750c6238bfc75bd2dfd97d9b717af6acfcf4c
SHA256

4b6ba00c7ede0a35abc63eda4d36ff46aa0957a6357094a5ca75d2e9935114f0
SHA512

11006a5717e35cb10ab6551b7c2599e21fec0cf01cceac809cbea1c74ed5e58f2d759371fa567595477d5ed7034ebe123e0e581e47ab1c0c4409972314f66d10
SSDEEP

3072:zdQ1zwLhj9VSTcMf1FzUzt6+HjPKlVzyZbACKhqUjqybiT7LEag09jdvTiu4F1U4:zdQ1zwVSTcMozt6h2MqSmRPhZ4F1rN

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  4b6ba00c7ede0a35abc63eda4d36ff46aa0957a6357094a5ca75d2e9935114f0
- Size
  
  320KB
- MD5
  
  0ee3e981961c66380e8a0dc224b0cdb1
- SHA1
  
  802750c6238bfc75bd2dfd97d9b717af6acfcf4c
- SHA256
  
  4b6ba00c7ede0a35abc63eda4d36ff46aa0957a6357094a5ca75d2e9935114f0
- SHA512
  
  11006a5717e35cb10ab6551b7c2599e21fec0cf01cceac809cbea1c74ed5e58f2d759371fa567595477d5ed7034ebe123e0e581e47ab1c0c4409972314f66d10
- SSDEEP
  
  3072:zdQ1zwLhj9VSTcMf1FzUzt6+HjPKlVzyZbACKhqUjqybiT7LEag09jdvTiu4F1U4:zdQ1zwVSTcMozt6h2MqSmRPhZ4F1rN
Score

8^/10

evasion persistence
- Disables RegEdit via registry modification
  evasion
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence