51fde119bdfa2d38b127360991a54c56c421b81e69ad7bc5761110172ff25a47 | Triage

Sharing

General

Target

51fde119bdfa2d38b127360991a54c56c421b81e69ad7bc5761110172ff25a47
Size

137KB
Sample

221128-g13svafh51
MD5

3c8af02d8cf7c13d1d78aa881f3ea5f6
SHA1

0dca9181c3aa0d6ee1d418d880eaa7c3bab260ab
SHA256

51fde119bdfa2d38b127360991a54c56c421b81e69ad7bc5761110172ff25a47
SHA512

d0e9c06bfc722e87d794a39ec5f7c835a76c2757baba2f265cec193cec3eeb89c579227d3f1a2659d3be0d42d4cf779d88bce0352fa9e2cbc42e2a3b570b70b0
SSDEEP

1536:TfWKzKQtOjLZO8I6jocPbs14PDe+xzE31zlS/aEO8O/ESMCFacmqZFOh/UWlyNSm:Tf0O8Isb5+31zlS/FO8O1bF+q7XWw7

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  51fde119bdfa2d38b127360991a54c56c421b81e69ad7bc5761110172ff25a47
- Size
  
  137KB
- MD5
  
  3c8af02d8cf7c13d1d78aa881f3ea5f6
- SHA1
  
  0dca9181c3aa0d6ee1d418d880eaa7c3bab260ab
- SHA256
  
  51fde119bdfa2d38b127360991a54c56c421b81e69ad7bc5761110172ff25a47
- SHA512
  
  d0e9c06bfc722e87d794a39ec5f7c835a76c2757baba2f265cec193cec3eeb89c579227d3f1a2659d3be0d42d4cf779d88bce0352fa9e2cbc42e2a3b570b70b0
- SSDEEP
  
  1536:TfWKzKQtOjLZO8I6jocPbs14PDe+xzE31zlS/aEO8O/ESMCFacmqZFOh/UWlyNSm:Tf0O8Isb5+31zlS/FO8O1bF+q7XWw7
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Adds policy Run key to start application
  persistence
- Blocklisted process makes network request
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2