8eee87d24a51e241d4d8929c74b458abf224a7f418b88864dda8d6c21de5e584 | Triage

Sharing

General

Target

8eee87d24a51e241d4d8929c74b458abf224a7f418b88864dda8d6c21de5e584
Size

3.1MB
Sample

221127-jhq3fadh8s
MD5

bf8f7968dfb321b332131d63f85e3c0a
SHA1

886a523f07047bbdd7d26f907c87746c8996182e
SHA256

8eee87d24a51e241d4d8929c74b458abf224a7f418b88864dda8d6c21de5e584
SHA512

153ee438a70c9efb72be5c91a0eb5db6c59401a5848e2e96dd5c55572fc33bd9d55d8ea564e4b5e7ee8643793432e141441dff60c8df3b7825b768af72ac24bd
SSDEEP

24576:Nvs5BtfJRm1lcY126Wg20Gdvewmj1CTy+0ZEqAq:N+jm1eIWg2vd/T/0iqAq

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  8eee87d24a51e241d4d8929c74b458abf224a7f418b88864dda8d6c21de5e584
- Size
  
  3.1MB
- MD5
  
  bf8f7968dfb321b332131d63f85e3c0a
- SHA1
  
  886a523f07047bbdd7d26f907c87746c8996182e
- SHA256
  
  8eee87d24a51e241d4d8929c74b458abf224a7f418b88864dda8d6c21de5e584
- SHA512
  
  153ee438a70c9efb72be5c91a0eb5db6c59401a5848e2e96dd5c55572fc33bd9d55d8ea564e4b5e7ee8643793432e141441dff60c8df3b7825b768af72ac24bd
- SSDEEP
  
  24576:Nvs5BtfJRm1lcY126Wg20Gdvewmj1CTy+0ZEqAq:N+jm1eIWg2vd/T/0iqAq
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence