e20a110ea6d935dcd5f63935ae244199262395b2644423a371bfd47492a783da | Triage

Sharing

General

Target

e20a110ea6d935dcd5f63935ae244199262395b2644423a371bfd47492a783da
Size

406KB
Sample

221127-r46zsaee83
MD5

7fff78b566c36d10e1c51565c302eaba
SHA1

3e5cd9d13cf59c294e237c820bc62cb43d44dce9
SHA256

e20a110ea6d935dcd5f63935ae244199262395b2644423a371bfd47492a783da
SHA512

832e13b2576f9ae62e0f3ea84b0b6c8b0220f421f7f74800dbce073ee9f500d9c2f6b4214720b1d4d3398ce021103050c253e4ca10d91d812c00dfa351b8ca65
SSDEEP

6144:tav2LexRZpBF9RpPdrCPNBnATfkl2mstti08eIcVKbV08KEGooGhjXXYa:IeexRZpBF9RpPd+bAEfsDYbHG7+jV

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  e20a110ea6d935dcd5f63935ae244199262395b2644423a371bfd47492a783da
- Size
  
  406KB
- MD5
  
  7fff78b566c36d10e1c51565c302eaba
- SHA1
  
  3e5cd9d13cf59c294e237c820bc62cb43d44dce9
- SHA256
  
  e20a110ea6d935dcd5f63935ae244199262395b2644423a371bfd47492a783da
- SHA512
  
  832e13b2576f9ae62e0f3ea84b0b6c8b0220f421f7f74800dbce073ee9f500d9c2f6b4214720b1d4d3398ce021103050c253e4ca10d91d812c00dfa351b8ca65
- SSDEEP
  
  6144:tav2LexRZpBF9RpPdrCPNBnATfkl2mstti08eIcVKbV08KEGooGhjXXYa:IeexRZpBF9RpPd+bAEfsDYbHG7+jV
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2