d530c918de7ee3c8f3eb9cd350f900f923d95f03964fbed19576d48527f24200 | Triage

Sharing

General

Target

WindowUpdateBlocker.rar
Size

928KB
Sample

230123-wj7sssga6z
MD5

a4ff364c165d4270a272bdfff07e153f
SHA1

3397418f0f13aa7f15db5f98e9a7bcbfc52f6480
SHA256

d530c918de7ee3c8f3eb9cd350f900f923d95f03964fbed19576d48527f24200
SHA512

3734e390d9a479ad530f57dbbda560f518b8e5ba03d3c015b82948f577bcd09af7cbb32031ad375f129101aaedb1edc8de55b4ece4b5900299bae8a50df677c3
SSDEEP

24576:I07TAUXXEl2jLSYpdUgB11l5b2CacfZiGqb/GsH4u62:JMUXXhTpdUgH1P2ChZFqbHT1

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  WindowUpdateBlocker/Wub.exe
- Size
  
  776KB
- MD5
  
  585c5000d1a851b295ff295389d7aa1a
- SHA1
  
  191f4e93781aba9bf81565cece0046ee599c0633
- SHA256
  
  15fccf8c018bbbed14664d5a5528cdf087b9032543be2169d78ab25d141d2b2c
- SHA512
  
  0ba2bbe8ca98e650d6f683f5700b44c11d30e3a5ef4b323a3a2aaa35f466401d808423cad4d497080c4bc9ec080e9a4f156ede3d651d3a718abe2307bc09a6b4
- SSDEEP
  
  12288:EaWzgMg7v3qnCiPErQohh0F4CCJ8lnyKQbv8HzqjqlG:baHMv6Cjrj+nyKQbv8TqjqG
Score

10^/10

evasion persistence
- Modifies security service
  evasion
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  WindowUpdateBlocker/Wub_x64.exe
- Size
  
  924KB
- MD5
  
  418dff42eea894a227f78935fbd8b059
- SHA1
  
  24c587c6f765bbbbe70f0d4c2f3a8654e8667a25
- SHA256
  
  bf79bb5da35061353485c7369cc5ecc9cecc79de7543bd71ce73f7192d0f6ec3
- SHA512
  
  ce7f3281dae81006edd545442d32cfe4ffa706964a0a8fc6e8c768fa1ca8a6b92a05a052b57849a73a5d6ecc70c1e4be3a858ddaae21f59a351ee226e248468d
- SSDEEP
  
  24576:q2DW/xbgX2YIbBQsu3/PNLKQ4HyAvsT7GUcUHJb:q2EUXgQsW/PNWQojUcUpb
Score

10^/10

evasion
- Modifies security service
  evasion
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

behavioral3

behavioral4