b0debb8ca9da22433d179f37b32226179bed077ebcd868b606033d32bac16b7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0debb8ca9da22433d179f37b32226179bed077ebcd868b606033d32bac16b7b
Size

23KB
Sample

221203-skte1sbd49
MD5

f39dedb5dee684c4b67e4378cf93f676
SHA1

6aa3a28edd348b402f04c1d275f24945d8979663
SHA256

b0debb8ca9da22433d179f37b32226179bed077ebcd868b606033d32bac16b7b
SHA512

4710b0c7a7ea4043c0f1a429b66ed6fc1355abefcd67a08f026b6297847380c0480789e13766970050006e31de0b71028dd9847ec7b1342a967d05ac0b39cd24
SSDEEP

384:mPyZNjtU2mWAQuXL+dYsWlv1IfglVN9dOUY8+Z+rE8kWkzX1jxuHz4I2A1Y4xWyg:GyZez+dYsWlafglVN9dOlNXNWkzBxuTO

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  b0debb8ca9da22433d179f37b32226179bed077ebcd868b606033d32bac16b7b
- Size
  
  23KB
- MD5
  
  f39dedb5dee684c4b67e4378cf93f676
- SHA1
  
  6aa3a28edd348b402f04c1d275f24945d8979663
- SHA256
  
  b0debb8ca9da22433d179f37b32226179bed077ebcd868b606033d32bac16b7b
- SHA512
  
  4710b0c7a7ea4043c0f1a429b66ed6fc1355abefcd67a08f026b6297847380c0480789e13766970050006e31de0b71028dd9847ec7b1342a967d05ac0b39cd24
- SSDEEP
  
  384:mPyZNjtU2mWAQuXL+dYsWlv1IfglVN9dOUY8+Z+rE8kWkzX1jxuHz4I2A1Y4xWyg:GyZez+dYsWlafglVN9dOlNXNWkzBxuTO
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence