b077b323bb0c5955af06b6e0c93ba36e489d6b0a8de9e2fc9c55fdb84550a883 | Triage

Sharing

General

Target

b077b323bb0c5955af06b6e0c93ba36e489d6b0a8de9e2fc9c55fdb84550a883
Size

44KB
Sample

221206-t8xysaee77
MD5

3f70190e86fa3aef81768e5fd9dd862c
SHA1

8ad173aa4baf18d7b86d8f4e160d29a4baa73810
SHA256

b077b323bb0c5955af06b6e0c93ba36e489d6b0a8de9e2fc9c55fdb84550a883
SHA512

47f6417b26ffd92d44ee52e0c82f282bbc160a046fff053b7fa44154c1ded0cae13ae975988589597893c87652613594dfc6c9308925430e62314491e4bb29c7
SSDEEP

768:gqJxn8eXSZ9Ss0JLIbuxln62gb58126HAjHtU2qvtO1a58t1tRONToj0Enjd76RL:d9lXdHQmaLLONEnjF64

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  b077b323bb0c5955af06b6e0c93ba36e489d6b0a8de9e2fc9c55fdb84550a883
- Size
  
  44KB
- MD5
  
  3f70190e86fa3aef81768e5fd9dd862c
- SHA1
  
  8ad173aa4baf18d7b86d8f4e160d29a4baa73810
- SHA256
  
  b077b323bb0c5955af06b6e0c93ba36e489d6b0a8de9e2fc9c55fdb84550a883
- SHA512
  
  47f6417b26ffd92d44ee52e0c82f282bbc160a046fff053b7fa44154c1ded0cae13ae975988589597893c87652613594dfc6c9308925430e62314491e4bb29c7
- SSDEEP
  
  768:gqJxn8eXSZ9Ss0JLIbuxln62gb58126HAjHtU2qvtO1a58t1tRONToj0Enjd76RL:d9lXdHQmaLLONEnjF64
Score

8^/10

evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2