58cabc470935be409c60f06e2b70339d88288e3e8aa4900ada4246599bd0012f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58cabc470935be409c60f06e2b70339d88288e3e8aa4900ada4246599bd0012f
Size

4.1MB
Sample

230211-qg5mrseb85
MD5

5fa9970a72578a9747da980f36501cd4
SHA1

6a7567ee7ff5b95894d347b1251f8c43923ba625
SHA256

58cabc470935be409c60f06e2b70339d88288e3e8aa4900ada4246599bd0012f
SHA512

2d6ec24555c31f0fe94050ae8f90bbbaa9ece756031b5c1f944586b59911beef3239a61e61891afbcb16ac2f20284f535f31bea6ea4a1c55b880530890980831
SSDEEP

98304:vJVdvQZGhmIGw3dA+KbLfN2LuJQ6V/Zpk/azmB7:vdH3dA+QfVQ65k/j7

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  58cabc470935be409c60f06e2b70339d88288e3e8aa4900ada4246599bd0012f
- Size
  
  4.1MB
- MD5
  
  5fa9970a72578a9747da980f36501cd4
- SHA1
  
  6a7567ee7ff5b95894d347b1251f8c43923ba625
- SHA256
  
  58cabc470935be409c60f06e2b70339d88288e3e8aa4900ada4246599bd0012f
- SHA512
  
  2d6ec24555c31f0fe94050ae8f90bbbaa9ece756031b5c1f944586b59911beef3239a61e61891afbcb16ac2f20284f535f31bea6ea4a1c55b880530890980831
- SSDEEP
  
  98304:vJVdvQZGhmIGw3dA+KbLfN2LuJQ6V/Zpk/azmB7:vdH3dA+QfVQ65k/j7
Score

10^/10

evasion
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Modifies Windows Firewall
  evasion
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1