e6fbccdb81b4f21153179b2de90e55d57151bbb11517ae8c1b9ba38a257b51f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e6fbccdb81b4f21153179b2de90e55d57151bbb11517ae8c1b9ba38a257b51f1
Size

102KB
Sample

221206-vbtqjahf8y
MD5

9d348dc7131d3ac0d745e7b51909ff42
SHA1

06e367142435f0e084641bfaf5479e884f6ec904
SHA256

e6fbccdb81b4f21153179b2de90e55d57151bbb11517ae8c1b9ba38a257b51f1
SHA512

be6254e921fad7c22fc3edc7a5452c1f1441f5250a3ffd9d5df93c2fb16a6bfe6a9a6b24d29ec8529c72bb4bc29d65dff6c42e9b3b23613096b0966bec41afd6
SSDEEP

1536:4NaFYEa2VNW2zdec4ctsQQzwcKp8OEDYKTCwHGAeZYxUrvKKbQGcYsxO4Q1pEunE:ayYEaINW2zdtFU9CPAehjxjsvo9pi

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e6fbccdb81b4f21153179b2de90e55d57151bbb11517ae8c1b9ba38a257b51f1
- Size
  
  102KB
- MD5
  
  9d348dc7131d3ac0d745e7b51909ff42
- SHA1
  
  06e367142435f0e084641bfaf5479e884f6ec904
- SHA256
  
  e6fbccdb81b4f21153179b2de90e55d57151bbb11517ae8c1b9ba38a257b51f1
- SHA512
  
  be6254e921fad7c22fc3edc7a5452c1f1441f5250a3ffd9d5df93c2fb16a6bfe6a9a6b24d29ec8529c72bb4bc29d65dff6c42e9b3b23613096b0966bec41afd6
- SSDEEP
  
  1536:4NaFYEa2VNW2zdec4ctsQQzwcKp8OEDYKTCwHGAeZYxUrvKKbQGcYsxO4Q1pEunE:ayYEaINW2zdtFU9CPAehjxjsvo9pi
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2