b9057dbd26f60d1255a4fb779a4879c8fc6122dafab2fa4c531795fcd1fd15d2 | Triage

Sharing

General

Target

b9057dbd26f60d1255a4fb779a4879c8fc6122dafab2fa4c531795fcd1fd15d2
Size

23KB
Sample

221205-jqkwdsea4w
MD5

022a872e9ae25fb410febca48f5088bd
SHA1

61b546e80b272ec4f9a7a39a9dd31b9093e39c13
SHA256

b9057dbd26f60d1255a4fb779a4879c8fc6122dafab2fa4c531795fcd1fd15d2
SHA512

37a054923ef1676a7f2cc9345fe82fba2b0f69af31a40ed517b5b0adc994da3cdd1da29896f9645865febd9d32d2af9e107d3fe609b10d1a88442ec0d8a19f69
SSDEEP

384:DPyZNjtU2m7QAbkm7tJUS52Pgt/NJQ+CjdS0DQzxIvJXfqQow:ryZCrh7cZYa+SwxIvJXfZ

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  b9057dbd26f60d1255a4fb779a4879c8fc6122dafab2fa4c531795fcd1fd15d2
- Size
  
  23KB
- MD5
  
  022a872e9ae25fb410febca48f5088bd
- SHA1
  
  61b546e80b272ec4f9a7a39a9dd31b9093e39c13
- SHA256
  
  b9057dbd26f60d1255a4fb779a4879c8fc6122dafab2fa4c531795fcd1fd15d2
- SHA512
  
  37a054923ef1676a7f2cc9345fe82fba2b0f69af31a40ed517b5b0adc994da3cdd1da29896f9645865febd9d32d2af9e107d3fe609b10d1a88442ec0d8a19f69
- SSDEEP
  
  384:DPyZNjtU2m7QAbkm7tJUS52Pgt/NJQ+CjdS0DQzxIvJXfqQow:ryZCrh7cZYa+SwxIvJXfZ
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence