a99b2fbca2e80ea7ca4662f8858254caf3e554a85bf52e7740b1019b7deeb309 | Triage

Sharing

General

Target

a99b2fbca2e80ea7ca4662f8858254caf3e554a85bf52e7740b1019b7deeb309
Size

171KB
Sample

221108-mhdnwsbgg5
MD5

01ec03319966ca96eee4ce20485a48b2
SHA1

80a1ab4922d3b8cc2e1e6df3750492c435a2528e
SHA256

a99b2fbca2e80ea7ca4662f8858254caf3e554a85bf52e7740b1019b7deeb309
SHA512

5221cc593a8105794e0e4359dd4af10383497dee61a29227747ecc34dbf6db05eaf0382af487e429d20df9b5ff00ab09962502c9551aa45d5c24c5ad04ec4c32
SSDEEP

3072:Dhuomne0JSGnjpeb2sjyG9Umhh/RviwJKQx/PaPB2RBZ65AThUAIoFX1Zqbq:k7I1QmXRviwJKOHOB2/Z1hv

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  a99b2fbca2e80ea7ca4662f8858254caf3e554a85bf52e7740b1019b7deeb309
- Size
  
  171KB
- MD5
  
  01ec03319966ca96eee4ce20485a48b2
- SHA1
  
  80a1ab4922d3b8cc2e1e6df3750492c435a2528e
- SHA256
  
  a99b2fbca2e80ea7ca4662f8858254caf3e554a85bf52e7740b1019b7deeb309
- SHA512
  
  5221cc593a8105794e0e4359dd4af10383497dee61a29227747ecc34dbf6db05eaf0382af487e429d20df9b5ff00ab09962502c9551aa45d5c24c5ad04ec4c32
- SSDEEP
  
  3072:Dhuomne0JSGnjpeb2sjyG9Umhh/RviwJKQx/PaPB2RBZ65AThUAIoFX1Zqbq:k7I1QmXRviwJKOHOB2/Z1hv
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2