b4a4f9a482411f8dc978e6b22b16620310ec8f248ad371d8f3d6a7bf0ff83785 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4a4f9a482411f8dc978e6b22b16620310ec8f248ad371d8f3d6a7bf0ff83785
Size

24KB
Sample

221203-hrj5tadg24
MD5

7f5c635e20cb68c1235656d76ea1096d
SHA1

bf3c18ed86f7c46d73fea7b45c4aa283c23f04ae
SHA256

b4a4f9a482411f8dc978e6b22b16620310ec8f248ad371d8f3d6a7bf0ff83785
SHA512

28dda784919b9ccd43141bdcad965de152726a0eb60757f1d1c3f855f50551faa5a3ac508d6f453d519fbbefcb8eada63aad3461c4e34c262c956bb630144878
SSDEEP

768:/W6ek9aOAT1UKifjBG0MznGBgbzJZEcpjEP:a5BU3VsHz8UQP

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  b4a4f9a482411f8dc978e6b22b16620310ec8f248ad371d8f3d6a7bf0ff83785
- Size
  
  24KB
- MD5
  
  7f5c635e20cb68c1235656d76ea1096d
- SHA1
  
  bf3c18ed86f7c46d73fea7b45c4aa283c23f04ae
- SHA256
  
  b4a4f9a482411f8dc978e6b22b16620310ec8f248ad371d8f3d6a7bf0ff83785
- SHA512
  
  28dda784919b9ccd43141bdcad965de152726a0eb60757f1d1c3f855f50551faa5a3ac508d6f453d519fbbefcb8eada63aad3461c4e34c262c956bb630144878
- SSDEEP
  
  768:/W6ek9aOAT1UKifjBG0MznGBgbzJZEcpjEP:a5BU3VsHz8UQP
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence