8c3afa0a9dd024db1576f5d5ec38bd9a7e690f412ec6959b5583ef5b8cb31137 | Triage

Sharing

General

Target

8c3afa0a9dd024db1576f5d5ec38bd9a7e690f412ec6959b5583ef5b8cb31137
Size

284KB
Sample

221124-f744taca58
MD5

e5c8b0f3b088b0bcf238a15cd8d12e83
SHA1

e8c1977452bdc11bc76d43ac1373a5b6e50afb51
SHA256

8c3afa0a9dd024db1576f5d5ec38bd9a7e690f412ec6959b5583ef5b8cb31137
SHA512

6c4cf4a78f02a2a2a24c59b2d2839fd5b551cd0ba20f09064db6cc53c60aba11ae91bf7d1a7d238d63032bcfca8bc1b2ce50622664a48f464ec6ad7e7a08a197
SSDEEP

6144:+4u4b+1oEFnRW61FFFFFFFmFFFFFFg6888l88e88l88848l88l8M88l88lZ:+Gb+D1x

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  8c3afa0a9dd024db1576f5d5ec38bd9a7e690f412ec6959b5583ef5b8cb31137
- Size
  
  284KB
- MD5
  
  e5c8b0f3b088b0bcf238a15cd8d12e83
- SHA1
  
  e8c1977452bdc11bc76d43ac1373a5b6e50afb51
- SHA256
  
  8c3afa0a9dd024db1576f5d5ec38bd9a7e690f412ec6959b5583ef5b8cb31137
- SHA512
  
  6c4cf4a78f02a2a2a24c59b2d2839fd5b551cd0ba20f09064db6cc53c60aba11ae91bf7d1a7d238d63032bcfca8bc1b2ce50622664a48f464ec6ad7e7a08a197
- SSDEEP
  
  6144:+4u4b+1oEFnRW61FFFFFFFmFFFFFFg6888l88e88l88848l88l8M88l88lZ:+Gb+D1x
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2