fb605c651c46dd92fab69180b5729e712545ea3f95ea642c17891d61b1685a8d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb605c651c46dd92fab69180b5729e712545ea3f95ea642c17891d61b1685a8d
Size

172KB
Sample

221129-dqz3esdh5y
MD5

0a8bbb2c09129b4f76ad7dc8d8440cf6
SHA1

3a8c12819249e176b8b7be4bd55b048537290f69
SHA256

fb605c651c46dd92fab69180b5729e712545ea3f95ea642c17891d61b1685a8d
SHA512

baac8ef9f3599001258ef5e9b0fc8d163274380e613a298b692c036ec914eebbbd529ad734dfdd5416ded5b441e2bb08ca2c533ca1fd6f29eb716496f7db5249
SSDEEP

3072:FjjQXp5YHeNh1nm9JuKnvmb7/D26tvJc56bzfCKpbVuugHvmD2iBuAZdeO:tjQ7LNh1wMKnvmb7/D26tBc5KDCKpBuy

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  fb605c651c46dd92fab69180b5729e712545ea3f95ea642c17891d61b1685a8d
- Size
  
  172KB
- MD5
  
  0a8bbb2c09129b4f76ad7dc8d8440cf6
- SHA1
  
  3a8c12819249e176b8b7be4bd55b048537290f69
- SHA256
  
  fb605c651c46dd92fab69180b5729e712545ea3f95ea642c17891d61b1685a8d
- SHA512
  
  baac8ef9f3599001258ef5e9b0fc8d163274380e613a298b692c036ec914eebbbd529ad734dfdd5416ded5b441e2bb08ca2c533ca1fd6f29eb716496f7db5249
- SSDEEP
  
  3072:FjjQXp5YHeNh1nm9JuKnvmb7/D26tvJc56bzfCKpbVuugHvmD2iBuAZdeO:tjQ7LNh1wMKnvmb7/D26tBc5KDCKpBuy
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2