be871411cd236c989c962fe3aa501711832f42683bf4e158327179f6373addb4 | Triage

Sharing

General

Target

be871411cd236c989c962fe3aa501711832f42683bf4e158327179f6373addb4
Size

23KB
Sample

221203-gs1nhsah45
MD5

e144f0ff0044b44f3d9dce8a46e98ee5
SHA1

1b059953f0679c21a23eacbe47159cf87be1a3e1
SHA256

be871411cd236c989c962fe3aa501711832f42683bf4e158327179f6373addb4
SHA512

58b7af44a95fc6c5f76156cbb69656fc9b38dbc7b584d1730a078d7899601cec9c2cfe6bb6f154c0fa4bcaa2232229f9022b109d14524b2236d927cd33a2bcf3
SSDEEP

384:UidD9d6GAfwjeILdyviqFHUq5Gi5doxWQKaK94ySy5ojB7z0GNozuUHALK+I:hG6ekdHqqNi5doxuB61z0GNouUjx

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  be871411cd236c989c962fe3aa501711832f42683bf4e158327179f6373addb4
- Size
  
  23KB
- MD5
  
  e144f0ff0044b44f3d9dce8a46e98ee5
- SHA1
  
  1b059953f0679c21a23eacbe47159cf87be1a3e1
- SHA256
  
  be871411cd236c989c962fe3aa501711832f42683bf4e158327179f6373addb4
- SHA512
  
  58b7af44a95fc6c5f76156cbb69656fc9b38dbc7b584d1730a078d7899601cec9c2cfe6bb6f154c0fa4bcaa2232229f9022b109d14524b2236d927cd33a2bcf3
- SSDEEP
  
  384:UidD9d6GAfwjeILdyviqFHUq5Gi5doxWQKaK94ySy5ojB7z0GNozuUHALK+I:hG6ekdHqqNi5doxuB61z0GNouUjx
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence