d700f47bdc52906c398c026b3ac69382fb012434f7a6967323ede937af1658ce | Triage

Sharing

General

Target

d700f47bdc52906c398c026b3ac69382fb012434f7a6967323ede937af1658ce
Size

3.6MB
Sample

221212-lz8pxsdg5w
MD5

d0525e69e54066d5b3764acefd16a754
SHA1

513304e7eca83acedad4655a135a6f4c2c1f4aed
SHA256

d700f47bdc52906c398c026b3ac69382fb012434f7a6967323ede937af1658ce
SHA512

b958797b913b1860daa2cdf4f6741835042e170fea4c4b5f3ae61432a9e24054dbcd40dbc4871d19b12d3f40d90523490caa37e6152d66850c05f18b7d738f03
SSDEEP

98304:vKNU8zvQiW+xPSCcgu3ebV6GDRjar2H2wKr3:avhWXrycG1jamKr3

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  d700f47bdc52906c398c026b3ac69382fb012434f7a6967323ede937af1658ce
- Size
  
  3.6MB
- MD5
  
  d0525e69e54066d5b3764acefd16a754
- SHA1
  
  513304e7eca83acedad4655a135a6f4c2c1f4aed
- SHA256
  
  d700f47bdc52906c398c026b3ac69382fb012434f7a6967323ede937af1658ce
- SHA512
  
  b958797b913b1860daa2cdf4f6741835042e170fea4c4b5f3ae61432a9e24054dbcd40dbc4871d19b12d3f40d90523490caa37e6152d66850c05f18b7d738f03
- SSDEEP
  
  98304:vKNU8zvQiW+xPSCcgu3ebV6GDRjar2H2wKr3:avhWXrycG1jamKr3
Score

10^/10

evasion
- Modifies security service
  evasion
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Drops file in Drivers directory
- Stops running service(s)
  evasion
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1