70278d64e623290ce4e6a5583dd7d0bb2edeae469d2a08c9b89d0985dde8ed68 | Triage

Sharing

General

Target

70278d64e623290ce4e6a5583dd7d0bb2edeae469d2a08c9b89d0985dde8ed68
Size

444KB
Sample

221125-pwhk4sha44
MD5

7f2cae91b2a5498d73e078e0bdc97e6b
SHA1

7e0cd7d320a531a11ec6692782ab30bfb32fe450
SHA256

70278d64e623290ce4e6a5583dd7d0bb2edeae469d2a08c9b89d0985dde8ed68
SHA512

9fc62025306e712c48f6364b4fc0c8cffd3ad03d7d21c836d93414ac9ee5a4b21537a9ebd2ce8a19a6a5f3792fff4befbde95245cbb8209ec8dd19e502e94115
SSDEEP

12288:41d9zQT5bxxfRZSLT1vmlRpR/qBRF85K:4HJQxxxJslm1lqfF85

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  70278d64e623290ce4e6a5583dd7d0bb2edeae469d2a08c9b89d0985dde8ed68
- Size
  
  444KB
- MD5
  
  7f2cae91b2a5498d73e078e0bdc97e6b
- SHA1
  
  7e0cd7d320a531a11ec6692782ab30bfb32fe450
- SHA256
  
  70278d64e623290ce4e6a5583dd7d0bb2edeae469d2a08c9b89d0985dde8ed68
- SHA512
  
  9fc62025306e712c48f6364b4fc0c8cffd3ad03d7d21c836d93414ac9ee5a4b21537a9ebd2ce8a19a6a5f3792fff4befbde95245cbb8209ec8dd19e502e94115
- SSDEEP
  
  12288:41d9zQT5bxxfRZSLT1vmlRpR/qBRF85K:4HJQxxxJslm1lqfF85
Score

8^/10

evasion
- Blocklisted process makes network request
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2