78f0cd07e852c0a0f4e1cdfc81e0fc4031b9fa755955104f4c48b132edbd9392 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78f0cd07e852c0a0f4e1cdfc81e0fc4031b9fa755955104f4c48b132edbd9392
Size

132KB
Sample

221203-j9ll2abg3t
MD5

e6a96f61ccd57a19f6a285a482c46fb4
SHA1

47917acbb361e5f3eab7313eb42b0ea6133fd71a
SHA256

78f0cd07e852c0a0f4e1cdfc81e0fc4031b9fa755955104f4c48b132edbd9392
SHA512

af4d7087bb2163750355de73a047590267818a6067e353c6b6dd924d0ae5a4b32532adb12f57d55b766b192de24535d4964f1fd828788e465272103765268828
SSDEEP

3072:s6EqrARrnJef/OsLTt6t5543VDVNN58lg4vx5FrtYluq:s52ARQfPs55oDJilgwb6

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  78f0cd07e852c0a0f4e1cdfc81e0fc4031b9fa755955104f4c48b132edbd9392
- Size
  
  132KB
- MD5
  
  e6a96f61ccd57a19f6a285a482c46fb4
- SHA1
  
  47917acbb361e5f3eab7313eb42b0ea6133fd71a
- SHA256
  
  78f0cd07e852c0a0f4e1cdfc81e0fc4031b9fa755955104f4c48b132edbd9392
- SHA512
  
  af4d7087bb2163750355de73a047590267818a6067e353c6b6dd924d0ae5a4b32532adb12f57d55b766b192de24535d4964f1fd828788e465272103765268828
- SSDEEP
  
  3072:s6EqrARrnJef/OsLTt6t5543VDVNN58lg4vx5FrtYluq:s52ARQfPs55oDJilgwb6
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence