c37c3dc0f4e2a0c5b732bbae2c0e4fac35092903e3d264693fde19cc9b6fbb90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c37c3dc0f4e2a0c5b732bbae2c0e4fac35092903e3d264693fde19cc9b6fbb90
Size

9KB
Sample

221129-qcqcaabf88
MD5

3cf93e7a614d0eea5d4b55e4f7aa1558
SHA1

a3e7030407e5f905d826ce265c1b2bb2b860b976
SHA256

c37c3dc0f4e2a0c5b732bbae2c0e4fac35092903e3d264693fde19cc9b6fbb90
SHA512

ea7f2d4d9848ed9601a55dad998a0ed4e0ca7c8dfc82ce21f9705871031a4a433dd743479fa077138d8b729cf0f3094606274a0e6fd04cd23e846635778a9917
SSDEEP

192:VG+APnmpPUGuPd/XA0drU03iUtshcozh1hePzsp2:VG+AP6PiPd/XA09/fts+ozheP4p2

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  c37c3dc0f4e2a0c5b732bbae2c0e4fac35092903e3d264693fde19cc9b6fbb90
- Size
  
  9KB
- MD5
  
  3cf93e7a614d0eea5d4b55e4f7aa1558
- SHA1
  
  a3e7030407e5f905d826ce265c1b2bb2b860b976
- SHA256
  
  c37c3dc0f4e2a0c5b732bbae2c0e4fac35092903e3d264693fde19cc9b6fbb90
- SHA512
  
  ea7f2d4d9848ed9601a55dad998a0ed4e0ca7c8dfc82ce21f9705871031a4a433dd743479fa077138d8b729cf0f3094606274a0e6fd04cd23e846635778a9917
- SSDEEP
  
  192:VG+APnmpPUGuPd/XA0drU03iUtshcozh1hePzsp2:VG+AP6PiPd/XA09/fts+ozheP4p2
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence