74a3e8f7d039ba03c0ef4b81de0cdd5ecae28b68afc6c03666de10a740d1ba47 | Triage

Sharing

General

Target

74a3e8f7d039ba03c0ef4b81de0cdd5ecae28b68afc6c03666de10a740d1ba47
Size

120KB
Sample

221205-hcmx6ahh8x
MD5

812c7fc86d0f6213b42901e0900483e7
SHA1

09bfa3fe338cee7221857c347c4b4fea2f2eec49
SHA256

74a3e8f7d039ba03c0ef4b81de0cdd5ecae28b68afc6c03666de10a740d1ba47
SHA512

36c59ecd97e8ea794494a41c4e9e88baeaa8b9dfa5160256b2482e8a654ad5be0a5c283e51ad7e01672beb9d2f13122f425245023d490cf28e2b7d5c901983d2
SSDEEP

1536:ojqQukmLkY/vO74BzIAS/B9SQzebQcMxVOUrt8t+MYYogMi+67RG:oLhWkYZvSHbz4MNt8t+eogZ+6l

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  74a3e8f7d039ba03c0ef4b81de0cdd5ecae28b68afc6c03666de10a740d1ba47
- Size
  
  120KB
- MD5
  
  812c7fc86d0f6213b42901e0900483e7
- SHA1
  
  09bfa3fe338cee7221857c347c4b4fea2f2eec49
- SHA256
  
  74a3e8f7d039ba03c0ef4b81de0cdd5ecae28b68afc6c03666de10a740d1ba47
- SHA512
  
  36c59ecd97e8ea794494a41c4e9e88baeaa8b9dfa5160256b2482e8a654ad5be0a5c283e51ad7e01672beb9d2f13122f425245023d490cf28e2b7d5c901983d2
- SSDEEP
  
  1536:ojqQukmLkY/vO74BzIAS/B9SQzebQcMxVOUrt8t+MYYogMi+67RG:oLhWkYZvSHbz4MNt8t+eogZ+6l
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence