430f5ceed6c2e907951bc50da7050e14922e6e2a392ad1f713c93d70db89172f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

430f5ceed6c2e907951bc50da7050e14922e6e2a392ad1f713c93d70db89172f
Size

460KB
Sample

221123-ye5trahh93
MD5

35e852ab44b493b60325d07ce56621af
SHA1

9722e3207bd17fbc39cb05a73a871b8430d7b050
SHA256

430f5ceed6c2e907951bc50da7050e14922e6e2a392ad1f713c93d70db89172f
SHA512

e58d3d4cabe52a9350d651ce1d069666bf00709b792afc3adfc56b57e188811c3c0d1cf2c9a56e51ebb4a66665755f6d565a8b6861b29102bacce7c86c62d3da
SSDEEP

12288:8xaVAh64U5l82gfJv1OKN7Dl7+5ss4XtL1YB3:8xaVxr5q26Jv1Ow7Dd+5ESV

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  430f5ceed6c2e907951bc50da7050e14922e6e2a392ad1f713c93d70db89172f
- Size
  
  460KB
- MD5
  
  35e852ab44b493b60325d07ce56621af
- SHA1
  
  9722e3207bd17fbc39cb05a73a871b8430d7b050
- SHA256
  
  430f5ceed6c2e907951bc50da7050e14922e6e2a392ad1f713c93d70db89172f
- SHA512
  
  e58d3d4cabe52a9350d651ce1d069666bf00709b792afc3adfc56b57e188811c3c0d1cf2c9a56e51ebb4a66665755f6d565a8b6861b29102bacce7c86c62d3da
- SSDEEP
  
  12288:8xaVAh64U5l82gfJv1OKN7Dl7+5ss4XtL1YB3:8xaVxr5q26Jv1Ow7Dd+5ESV
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2