3efd5b2aaf7a127ad06aa4435e6380489ba9b3edb1c768587b6f0b731f23d082 | Triage

Sharing

General

Target

3efd5b2aaf7a127ad06aa4435e6380489ba9b3edb1c768587b6f0b731f23d082
Size

2.5MB
Sample

230330-m1yrsadg8t
MD5

09aaef8fc9fed4efbaed71c8bbb7d3ee
SHA1

5d2fa14d16fdb807d2af9edf46ea87be4ccaf9ca
SHA256

3efd5b2aaf7a127ad06aa4435e6380489ba9b3edb1c768587b6f0b731f23d082
SHA512

c5163d5bd7b7dadf199c4320a8c2bd252102bc028146eab45485c0dcbced583828a220346f9726e0a914282bed0e857d1f0fc4d055d33aee317dac8f5d70313e
SSDEEP

49152:JLctt63SykpdtBqrot5FyNK0g7jccGujPeDNmW5i+OP:JLSqS5tBqra2KV7wcGMKNMP

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  3efd5b2aaf7a127ad06aa4435e6380489ba9b3edb1c768587b6f0b731f23d082
- Size
  
  2.5MB
- MD5
  
  09aaef8fc9fed4efbaed71c8bbb7d3ee
- SHA1
  
  5d2fa14d16fdb807d2af9edf46ea87be4ccaf9ca
- SHA256
  
  3efd5b2aaf7a127ad06aa4435e6380489ba9b3edb1c768587b6f0b731f23d082
- SHA512
  
  c5163d5bd7b7dadf199c4320a8c2bd252102bc028146eab45485c0dcbced583828a220346f9726e0a914282bed0e857d1f0fc4d055d33aee317dac8f5d70313e
- SSDEEP
  
  49152:JLctt63SykpdtBqrot5FyNK0g7jccGujPeDNmW5i+OP:JLSqS5tBqra2KV7wcGMKNMP
Score

8^/10

evasion persistence
- Creates new service(s)
  persistence
- Sets service image path in registry
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

New Service

Registry Run Keys / Startup Folder

Privilege Escalation

New Service

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence