e855a72e8e762e0b8f6e2a7baae92c41bb76f2131c53aade8adf64e1ee18a4ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e855a72e8e762e0b8f6e2a7baae92c41bb76f2131c53aade8adf64e1ee18a4ad
Size

303KB
Sample

221204-p74ygsbb44
MD5

17d0f3a43ddfbd9972b85fc82afcc7cf
SHA1

959ccb51a5cbb6a1a36b0318ca4358d4b0a6cd1a
SHA256

e855a72e8e762e0b8f6e2a7baae92c41bb76f2131c53aade8adf64e1ee18a4ad
SHA512

a0128bc83b90b76ad6b03a18c12bbac98cff4a9b2d83f56b2bcd2d0a75ff01d943afe415b2f579c86030b8b223957ede17f40c72325b70b5b3a8e9ae05797514
SSDEEP

6144:D6I4f+Ub8DwRb18eFesZXXGDW2rNr6iaGE2YpVkF0CAvEO4:+UIb1uFHRdaGE2Y8F0dsO4

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  e855a72e8e762e0b8f6e2a7baae92c41bb76f2131c53aade8adf64e1ee18a4ad
- Size
  
  303KB
- MD5
  
  17d0f3a43ddfbd9972b85fc82afcc7cf
- SHA1
  
  959ccb51a5cbb6a1a36b0318ca4358d4b0a6cd1a
- SHA256
  
  e855a72e8e762e0b8f6e2a7baae92c41bb76f2131c53aade8adf64e1ee18a4ad
- SHA512
  
  a0128bc83b90b76ad6b03a18c12bbac98cff4a9b2d83f56b2bcd2d0a75ff01d943afe415b2f579c86030b8b223957ede17f40c72325b70b5b3a8e9ae05797514
- SSDEEP
  
  6144:D6I4f+Ub8DwRb18eFesZXXGDW2rNr6iaGE2YpVkF0CAvEO4:+UIb1uFHRdaGE2Y8F0dsO4
Score

8^/10

evasion persistence
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2