cb0eedb9f58575a7874cc7b5ad76bf69125f1728e9bc22b937ba4341d3db27f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb0eedb9f58575a7874cc7b5ad76bf69125f1728e9bc22b937ba4341d3db27f1
Size

80KB
Sample

221203-zfh7taha91
MD5

63655e7b042e67af610d7290624eb836
SHA1

7cba1a685c42f45abfcc2729e04d809f78ea2620
SHA256

cb0eedb9f58575a7874cc7b5ad76bf69125f1728e9bc22b937ba4341d3db27f1
SHA512

adfc222d5cb15894a5b0cde5bce4adc89f858c5acd641155b2c6baca74080b46f90b4ae571da301ba9b3f9f502039dc4df82ce55e037cb35b68004c32deeea2b
SSDEEP

1536:Nmcfcxv9x+VxY49p4cRQIeBepIorArJeJYPAw8aisB:lfcT149WcRQIewptrA/Aw8a7B

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cb0eedb9f58575a7874cc7b5ad76bf69125f1728e9bc22b937ba4341d3db27f1
- Size
  
  80KB
- MD5
  
  63655e7b042e67af610d7290624eb836
- SHA1
  
  7cba1a685c42f45abfcc2729e04d809f78ea2620
- SHA256
  
  cb0eedb9f58575a7874cc7b5ad76bf69125f1728e9bc22b937ba4341d3db27f1
- SHA512
  
  adfc222d5cb15894a5b0cde5bce4adc89f858c5acd641155b2c6baca74080b46f90b4ae571da301ba9b3f9f502039dc4df82ce55e037cb35b68004c32deeea2b
- SSDEEP
  
  1536:Nmcfcxv9x+VxY49p4cRQIeBepIorArJeJYPAw8aisB:lfcT149WcRQIewptrA/Aw8a7B
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence