4938654b3632270bfe85d6c595977eb498175241e7a1fde276e9214083520be1 | Triage

Sharing

General

Target

4938654b3632270bfe85d6c595977eb498175241e7a1fde276e9214083520be1
Size

564KB
Sample

221125-cd8ncsgd8s
MD5

d6ce144ff50283f05f6d86602e3e1b42
SHA1

9322eb0744b8ff0997eab3c2a9222b1b7085ef86
SHA256

4938654b3632270bfe85d6c595977eb498175241e7a1fde276e9214083520be1
SHA512

280cb42be0d7c5460f9a9b403edd3f9e54bc900b01b07e5eaccf10b14c63065966a263d3a67cde78e7eee1f6cbaf592bc46ad057e0e2a18320b81c2c65ccac44
SSDEEP

12288:nz9G7XQO5rfGbIG9b7zoaCc+YXrOtNGdM4hECNJ86:nJ0r+bIGt7CcVatNG5k6

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  4938654b3632270bfe85d6c595977eb498175241e7a1fde276e9214083520be1
- Size
  
  564KB
- MD5
  
  d6ce144ff50283f05f6d86602e3e1b42
- SHA1
  
  9322eb0744b8ff0997eab3c2a9222b1b7085ef86
- SHA256
  
  4938654b3632270bfe85d6c595977eb498175241e7a1fde276e9214083520be1
- SHA512
  
  280cb42be0d7c5460f9a9b403edd3f9e54bc900b01b07e5eaccf10b14c63065966a263d3a67cde78e7eee1f6cbaf592bc46ad057e0e2a18320b81c2c65ccac44
- SSDEEP
  
  12288:nz9G7XQO5rfGbIG9b7zoaCc+YXrOtNGdM4hECNJ86:nJ0r+bIGt7CcVatNG5k6
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2