472e61ce1652fecaa78ae680a42c1c196b32d6f66e7cc794030b6ac0d767d10e | Triage

Sharing

General

Target

472e61ce1652fecaa78ae680a42c1c196b32d6f66e7cc794030b6ac0d767d10e
Size

576KB
Sample

221206-rhnajshc51
MD5

a21656e97cebceff58f72e80a4c00a22
SHA1

a1f53cb43a9d3802647342b463d6d032aa616347
SHA256

472e61ce1652fecaa78ae680a42c1c196b32d6f66e7cc794030b6ac0d767d10e
SHA512

0e6755fbe74df6ab817083a50c9dcbdd04d0498fd5a765d3d71526489d5f0715390de48c45409721ae5ecf1f0ef35d6961b758559a316f20b516d4ef08b28d8a
SSDEEP

12288:hxLNqVwGaV3xVauQ28IaiE0E/gq0638NyqtXp:hxBGa3YucIyJuyO

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  472e61ce1652fecaa78ae680a42c1c196b32d6f66e7cc794030b6ac0d767d10e
- Size
  
  576KB
- MD5
  
  a21656e97cebceff58f72e80a4c00a22
- SHA1
  
  a1f53cb43a9d3802647342b463d6d032aa616347
- SHA256
  
  472e61ce1652fecaa78ae680a42c1c196b32d6f66e7cc794030b6ac0d767d10e
- SHA512
  
  0e6755fbe74df6ab817083a50c9dcbdd04d0498fd5a765d3d71526489d5f0715390de48c45409721ae5ecf1f0ef35d6961b758559a316f20b516d4ef08b28d8a
- SSDEEP
  
  12288:hxLNqVwGaV3xVauQ28IaiE0E/gq0638NyqtXp:hxBGa3YucIyJuyO
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2