aee308690621973c39c12e93f9feae2d987da88c048eae1a2f4296e4c2e127fd | Triage

Sharing

General

Target

aee308690621973c39c12e93f9feae2d987da88c048eae1a2f4296e4c2e127fd
Size

21KB
Sample

221201-x72r5agd6y
MD5

00c04645b18c4fa05b9b9c2deca1cf0b
SHA1

b5a3cef5cdcfc26944b8825e62cd2f7ad9a0ac4c
SHA256

aee308690621973c39c12e93f9feae2d987da88c048eae1a2f4296e4c2e127fd
SHA512

4716bd2ae0098436c51cddea54015527b684988ed22c017947ceeaa4e418a100bccf0f876f5cacc7a44bb295091480cc5ce25f82a608502dc2bfb8ca317f3726
SSDEEP

384:ByVlNjtU2eGg45LgdTmqJGW30WtOhxDMDvcsGLn6klnuKMgzEZSAKSlP:kVlmigpz7tDcFb8KREZSAHh

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  aee308690621973c39c12e93f9feae2d987da88c048eae1a2f4296e4c2e127fd
- Size
  
  21KB
- MD5
  
  00c04645b18c4fa05b9b9c2deca1cf0b
- SHA1
  
  b5a3cef5cdcfc26944b8825e62cd2f7ad9a0ac4c
- SHA256
  
  aee308690621973c39c12e93f9feae2d987da88c048eae1a2f4296e4c2e127fd
- SHA512
  
  4716bd2ae0098436c51cddea54015527b684988ed22c017947ceeaa4e418a100bccf0f876f5cacc7a44bb295091480cc5ce25f82a608502dc2bfb8ca317f3726
- SSDEEP
  
  384:ByVlNjtU2eGg45LgdTmqJGW30WtOhxDMDvcsGLn6klnuKMgzEZSAKSlP:kVlmigpz7tDcFb8KREZSAHh
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence