c1b7f2eb184bb367e747a23332235f5226b4e00853bc424ee7b7fe2098638df9 | Triage

Sharing

General

Target

c1b7f2eb184bb367e747a23332235f5226b4e00853bc424ee7b7fe2098638df9
Size

23KB
Sample

221203-q5eq9aac9v
MD5

384768631a6827fb2e2e0ebf75675cc1
SHA1

93728b7878cf6b5c820098ba831ecf758e830509
SHA256

c1b7f2eb184bb367e747a23332235f5226b4e00853bc424ee7b7fe2098638df9
SHA512

0f508a43b494491a7d87c60cc786f32109510022e767feef37c86ba7f43b9254e240a0be4a39e1ccc5ad284080e6e2b645bb8e3af6a2502425e3b6c9d829f983
SSDEEP

384:5dD9d6G4LImLc48W4fFwvHAKfb+YMTLaPSj1hizgZBuDy1:5CR1mzCrMHaPC1hCgZQU

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  c1b7f2eb184bb367e747a23332235f5226b4e00853bc424ee7b7fe2098638df9
- Size
  
  23KB
- MD5
  
  384768631a6827fb2e2e0ebf75675cc1
- SHA1
  
  93728b7878cf6b5c820098ba831ecf758e830509
- SHA256
  
  c1b7f2eb184bb367e747a23332235f5226b4e00853bc424ee7b7fe2098638df9
- SHA512
  
  0f508a43b494491a7d87c60cc786f32109510022e767feef37c86ba7f43b9254e240a0be4a39e1ccc5ad284080e6e2b645bb8e3af6a2502425e3b6c9d829f983
- SSDEEP
  
  384:5dD9d6G4LImLc48W4fFwvHAKfb+YMTLaPSj1hizgZBuDy1:5CR1mzCrMHaPC1hCgZQU
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence