aa139eca7227b27bf6f79c7ed77abe23abb3d672b27aa1a783c04f132f5c9d49 | Triage

Sharing

General

Target

aa139eca7227b27bf6f79c7ed77abe23abb3d672b27aa1a783c04f132f5c9d49
Size

132KB
Sample

221205-ykj48sdf8s
MD5

bb267f329bdf9be39d8a4efe9e12ab12
SHA1

484120a80545f2637db8bccfd7154259edecc372
SHA256

aa139eca7227b27bf6f79c7ed77abe23abb3d672b27aa1a783c04f132f5c9d49
SHA512

1cf713fa157df2a8c07f4621b3c3bab4c0cfbe842fbc46c13e88b644efb3eb2a0d23e04b75eb2558d59ff57c43dd0aae47b2cb3c495513449812a5ecf01a3966
SSDEEP

3072:43k/LPrdVfWM8RM/8KmwBErXXFefQmD8ampjMixwtwW:n/PX8/KmwBEjXFeos8aCAiath

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  aa139eca7227b27bf6f79c7ed77abe23abb3d672b27aa1a783c04f132f5c9d49
- Size
  
  132KB
- MD5
  
  bb267f329bdf9be39d8a4efe9e12ab12
- SHA1
  
  484120a80545f2637db8bccfd7154259edecc372
- SHA256
  
  aa139eca7227b27bf6f79c7ed77abe23abb3d672b27aa1a783c04f132f5c9d49
- SHA512
  
  1cf713fa157df2a8c07f4621b3c3bab4c0cfbe842fbc46c13e88b644efb3eb2a0d23e04b75eb2558d59ff57c43dd0aae47b2cb3c495513449812a5ecf01a3966
- SSDEEP
  
  3072:43k/LPrdVfWM8RM/8KmwBErXXFefQmD8ampjMixwtwW:n/PX8/KmwBEjXFeos8aCAiath
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2