aa646cb189602581243ef61dc1e2fc1a6a2c211c94e3a39a56584d7a0f8eb3aa | Triage

Sharing

General

Target

aa646cb189602581243ef61dc1e2fc1a6a2c211c94e3a39a56584d7a0f8eb3aa
Size

23KB
Sample

221203-p25ylabg52
MD5

005cbfc54fc6736d75681e47f7ee5676
SHA1

fd509c3a85e034895399d1352a865cefd46d5978
SHA256

aa646cb189602581243ef61dc1e2fc1a6a2c211c94e3a39a56584d7a0f8eb3aa
SHA512

10623e496842ebea422868aca72e72fca335e145e5460256ba409029681e42527f67f799a00e38d4ce7abcd37c59ca22d7dbf41301d223cf79dfb831238a7954
SSDEEP

384:IidD9d6GAKuQBrj+HvbzVKQ4zvjNxgENo+SzEN85oV0o0fmj:9WyqJ4z7NxjoEN2oVX0Oj

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  aa646cb189602581243ef61dc1e2fc1a6a2c211c94e3a39a56584d7a0f8eb3aa
- Size
  
  23KB
- MD5
  
  005cbfc54fc6736d75681e47f7ee5676
- SHA1
  
  fd509c3a85e034895399d1352a865cefd46d5978
- SHA256
  
  aa646cb189602581243ef61dc1e2fc1a6a2c211c94e3a39a56584d7a0f8eb3aa
- SHA512
  
  10623e496842ebea422868aca72e72fca335e145e5460256ba409029681e42527f67f799a00e38d4ce7abcd37c59ca22d7dbf41301d223cf79dfb831238a7954
- SSDEEP
  
  384:IidD9d6GAKuQBrj+HvbzVKQ4zvjNxgENo+SzEN85oV0o0fmj:9WyqJ4z7NxjoEN2oVX0Oj
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence