f836e00fdb05593b9f014698b620121ff1cc504946f5b9f2a47c57d2714eff35 | Triage

Sharing

General

Target

f836e00fdb05593b9f014698b620121ff1cc504946f5b9f2a47c57d2714eff35
Size

9KB
Sample

221201-kxqkwsce47
MD5

24c416f16d5e82856fbabc63c80d4e44
SHA1

be3104a97d36295dcbf307bdfe24b816909772a9
SHA256

f836e00fdb05593b9f014698b620121ff1cc504946f5b9f2a47c57d2714eff35
SHA512

db4f94d834ccc82c9096909362305422b2b8776d96da064b214c655a5b13c0e353d906c66278c05d392bb65e417da3e4fefebc8f222757f423697400a95bb279
SSDEEP

192:zbSd4ExcXZYadRxM8i6vbn4P0e+/E3J5gERKb6LnFk3fAr:fExGZZjM8i6Tn46IfK6LnFkPA

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  f836e00fdb05593b9f014698b620121ff1cc504946f5b9f2a47c57d2714eff35
- Size
  
  9KB
- MD5
  
  24c416f16d5e82856fbabc63c80d4e44
- SHA1
  
  be3104a97d36295dcbf307bdfe24b816909772a9
- SHA256
  
  f836e00fdb05593b9f014698b620121ff1cc504946f5b9f2a47c57d2714eff35
- SHA512
  
  db4f94d834ccc82c9096909362305422b2b8776d96da064b214c655a5b13c0e353d906c66278c05d392bb65e417da3e4fefebc8f222757f423697400a95bb279
- SSDEEP
  
  192:zbSd4ExcXZYadRxM8i6vbn4P0e+/E3J5gERKb6LnFk3fAr:fExGZZjM8i6Tn46IfK6LnFkPA
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence