878ce1019b10960da5ab5f6064a4c31e49506a9e315e32f7767f39024cda713d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

878ce1019b10960da5ab5f6064a4c31e49506a9e315e32f7767f39024cda713d
Size

46KB
Sample

221129-nz6axafd53
MD5

98763f13e67ab4932806e4796fa16f6f
SHA1

c50c96ffcacc665caae3833fd4e09f4268968b93
SHA256

878ce1019b10960da5ab5f6064a4c31e49506a9e315e32f7767f39024cda713d
SHA512

885d0ca4342d71fcd872cdf84ecdc5241d337c1e4e70dbeb65a055229fd4fcbecec6774f9d9caf082113e9c5552b142b700df3481c402db1325efcbce3e3c88a
SSDEEP

768:lMVvp3w/6c3nl56eNCq0FlQNLyDWQmKo0zIQvyu2M7v7XjQbnv9Et8kcysAmEw3w:lMVvp3w/j3iNq0LQNtfrwIQvyuXv7kbs

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  878ce1019b10960da5ab5f6064a4c31e49506a9e315e32f7767f39024cda713d
- Size
  
  46KB
- MD5
  
  98763f13e67ab4932806e4796fa16f6f
- SHA1
  
  c50c96ffcacc665caae3833fd4e09f4268968b93
- SHA256
  
  878ce1019b10960da5ab5f6064a4c31e49506a9e315e32f7767f39024cda713d
- SHA512
  
  885d0ca4342d71fcd872cdf84ecdc5241d337c1e4e70dbeb65a055229fd4fcbecec6774f9d9caf082113e9c5552b142b700df3481c402db1325efcbce3e3c88a
- SSDEEP
  
  768:lMVvp3w/6c3nl56eNCq0FlQNLyDWQmKo0zIQvyu2M7v7XjQbnv9Et8kcysAmEw3w:lMVvp3w/j3iNq0LQNtfrwIQvyuXv7kbs
Score

8^/10

evasion persistence
- Adds policy Run key to start application
  persistence
- Drops file in Drivers directory
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence