1a18fd30e2c9a60c7c752ef08b549676486b08579ba4080b9a29f5f3a325ac36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a18fd30e2c9a60c7c752ef08b549676486b08579ba4080b9a29f5f3a325ac36
Size

138KB
Sample

221121-sk226aeh96
MD5

20692a3f5986404b599ea2ef93338d86
SHA1

77681601a6ea6c90a1825cfaf767ae6e385cb72c
SHA256

1a18fd30e2c9a60c7c752ef08b549676486b08579ba4080b9a29f5f3a325ac36
SHA512

9454b606cb4c41cd013e9769ff03748b597ff1dc4d235b6c7742dfaa3e7240f70f6ed90f8387f6ecc47c96626f46c8969904698636d5b10502fd506e8db76830
SSDEEP

768:0ltNQ8VnlvkMxmdeVHdT48QzTGfcmIV5n:HintkV6R48Q

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  1a18fd30e2c9a60c7c752ef08b549676486b08579ba4080b9a29f5f3a325ac36
- Size
  
  138KB
- MD5
  
  20692a3f5986404b599ea2ef93338d86
- SHA1
  
  77681601a6ea6c90a1825cfaf767ae6e385cb72c
- SHA256
  
  1a18fd30e2c9a60c7c752ef08b549676486b08579ba4080b9a29f5f3a325ac36
- SHA512
  
  9454b606cb4c41cd013e9769ff03748b597ff1dc4d235b6c7742dfaa3e7240f70f6ed90f8387f6ecc47c96626f46c8969904698636d5b10502fd506e8db76830
- SSDEEP
  
  768:0ltNQ8VnlvkMxmdeVHdT48QzTGfcmIV5n:HintkV6R48Q
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Disables cmd.exe use via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence