8f9a90c9c227507f15ef7a532343716ae0ba093bf90642f9de5af603b0905d6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f9a90c9c227507f15ef7a532343716ae0ba093bf90642f9de5af603b0905d6d
Size

159KB
Sample

221128-exg1vseb43
MD5

a0444ffb488afaf19cc38b2d4409e2c9
SHA1

acacfe161279f6a5605aa77c3c2bf897db046f25
SHA256

8f9a90c9c227507f15ef7a532343716ae0ba093bf90642f9de5af603b0905d6d
SHA512

7042ba3d13ab024dd97e14b0e9a59638b8d3345adb20c025451e0cb32d6a0b035041e38581831207b01debd9d68f2f1eb4721c2b4bd09a1a919185959b69f818
SSDEEP

3072:c2PdERmUVvMZt1TACxpf6oXidU5ofJt5OmPafdyU2a:nWRmUVk/1T1pfF2UGxt5WYU2

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  8f9a90c9c227507f15ef7a532343716ae0ba093bf90642f9de5af603b0905d6d
- Size
  
  159KB
- MD5
  
  a0444ffb488afaf19cc38b2d4409e2c9
- SHA1
  
  acacfe161279f6a5605aa77c3c2bf897db046f25
- SHA256
  
  8f9a90c9c227507f15ef7a532343716ae0ba093bf90642f9de5af603b0905d6d
- SHA512
  
  7042ba3d13ab024dd97e14b0e9a59638b8d3345adb20c025451e0cb32d6a0b035041e38581831207b01debd9d68f2f1eb4721c2b4bd09a1a919185959b69f818
- SSDEEP
  
  3072:c2PdERmUVvMZt1TACxpf6oXidU5ofJt5OmPafdyU2a:nWRmUVk/1T1pfF2UGxt5WYU2
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2