bf4753a2df12082694dc41408bfc095710b5e98207b449a854199ae3514b4ba5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf4753a2df12082694dc41408bfc095710b5e98207b449a854199ae3514b4ba5
Size

70KB
Sample

221206-px53sshg54
MD5

41e52ba91513eb237490c7630c92e612
SHA1

8679cbdff1cff548decfaf2ffdaef574c1927f4c
SHA256

bf4753a2df12082694dc41408bfc095710b5e98207b449a854199ae3514b4ba5
SHA512

9b24a3a33d8843750b531305d53753bcaf2c68420e4adf4646ff7d0c6df773b81a232ec0b854ff124f7837d82dc96dd6afcc05404d2db141ac76f814ca8b0d6e
SSDEEP

1536:hAJDt1OeTsMN7rPbGEid2rUkv4gG/aR7ZWCywJWAtV/w:hAJDt1OGtQOGm7ZbywJWAtV/w

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  bf4753a2df12082694dc41408bfc095710b5e98207b449a854199ae3514b4ba5
- Size
  
  70KB
- MD5
  
  41e52ba91513eb237490c7630c92e612
- SHA1
  
  8679cbdff1cff548decfaf2ffdaef574c1927f4c
- SHA256
  
  bf4753a2df12082694dc41408bfc095710b5e98207b449a854199ae3514b4ba5
- SHA512
  
  9b24a3a33d8843750b531305d53753bcaf2c68420e4adf4646ff7d0c6df773b81a232ec0b854ff124f7837d82dc96dd6afcc05404d2db141ac76f814ca8b0d6e
- SSDEEP
  
  1536:hAJDt1OeTsMN7rPbGEid2rUkv4gG/aR7ZWCywJWAtV/w:hAJDt1OGtQOGm7ZbywJWAtV/w
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence