ee1f28dd9ca0858fc0b71be3945362b7e5fdf1b2607283c3cb753f883ff99fbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee1f28dd9ca0858fc0b71be3945362b7e5fdf1b2607283c3cb753f883ff99fbe
Size

176KB
Sample

221204-dtx28sfh9s
MD5

7f135d99aaf00e1fd2759c8dadc8ba1a
SHA1

a1976a3b17c9a0a3e93a032df563e20950aa466f
SHA256

ee1f28dd9ca0858fc0b71be3945362b7e5fdf1b2607283c3cb753f883ff99fbe
SHA512

d226f8b892167167635c9aab5175467a5dd9578702f521911919041d32119fe74e5c9a937b1d759f853be0aaa131709ec9d9b0dc2ab31a59c04e1583d81cbb46
SSDEEP

3072:tZblraVxiXKh8/vpSh90vqaWRspAf9Sy531kHU0GzNQyZa/k:tZbBP/BSh90vKRspc4y531kHU0GzNQ1M

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ee1f28dd9ca0858fc0b71be3945362b7e5fdf1b2607283c3cb753f883ff99fbe
- Size
  
  176KB
- MD5
  
  7f135d99aaf00e1fd2759c8dadc8ba1a
- SHA1
  
  a1976a3b17c9a0a3e93a032df563e20950aa466f
- SHA256
  
  ee1f28dd9ca0858fc0b71be3945362b7e5fdf1b2607283c3cb753f883ff99fbe
- SHA512
  
  d226f8b892167167635c9aab5175467a5dd9578702f521911919041d32119fe74e5c9a937b1d759f853be0aaa131709ec9d9b0dc2ab31a59c04e1583d81cbb46
- SSDEEP
  
  3072:tZblraVxiXKh8/vpSh90vqaWRspAf9Sy531kHU0GzNQyZa/k:tZbBP/BSh90vKRspc4y531kHU0GzNQ1M
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence