1b5ff7b497e3f3c87cefd640f78e4e92db495f74f987748f3b504d5f34406527 | Triage

Sharing

General

Target

1b5ff7b497e3f3c87cefd640f78e4e92db495f74f987748f3b504d5f34406527
Size

153KB
Sample

221125-nsl9fshc6y
MD5

3c0952309dea28bfef5bf0527411bc9e
SHA1

5c7a0b11c2a91823143214fef2a786c5ef6fd4b9
SHA256

1b5ff7b497e3f3c87cefd640f78e4e92db495f74f987748f3b504d5f34406527
SHA512

ed0e98d03993ecb8c2a7ecb73ba8282868cfdcae24356e00162b46ccf3cccd4c1c1dbb105e98bc586a0f8dadc1b8c8bae4da9b154e83de656687ce7d68182584
SSDEEP

3072:Wy277Ci+HMm3nQuTz5U0Ofr2AUx4bzWKeH3tMCmzsaz:Wy27mi+Hj3Qg112rhUxl/3thEse

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  1b5ff7b497e3f3c87cefd640f78e4e92db495f74f987748f3b504d5f34406527
- Size
  
  153KB
- MD5
  
  3c0952309dea28bfef5bf0527411bc9e
- SHA1
  
  5c7a0b11c2a91823143214fef2a786c5ef6fd4b9
- SHA256
  
  1b5ff7b497e3f3c87cefd640f78e4e92db495f74f987748f3b504d5f34406527
- SHA512
  
  ed0e98d03993ecb8c2a7ecb73ba8282868cfdcae24356e00162b46ccf3cccd4c1c1dbb105e98bc586a0f8dadc1b8c8bae4da9b154e83de656687ce7d68182584
- SSDEEP
  
  3072:Wy277Ci+HMm3nQuTz5U0Ofr2AUx4bzWKeH3tMCmzsaz:Wy27mi+Hj3Qg112rhUxl/3thEse
Score

10^/10

evasion
- Modifies security service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2