c8702b6c90b200576a33cfec2a0f8777cbf47d86e7f4026e9fc9d5e53bbff775 | Triage

Resubmissions

28/06/2023, 15:22

230628-sr53dsab52 8

28/06/2023, 14:57

230628-sbxfbaba6x 8

28/06/2023, 14:54

230628-r95znsaa83 8

28/06/2023, 14:48

230628-r6nwzsaa66 8

Sharing

Copy URL Twitter E-mail

General

Target

nvxdsync.exe
Size

182KB
Sample

230628-sr53dsab52
MD5

c30d18e54b38af1afeaa685c7b39caf2
SHA1

fb8ec79d5d8a03fef493fb2ed3f17a8633a67c5e
SHA256

c8702b6c90b200576a33cfec2a0f8777cbf47d86e7f4026e9fc9d5e53bbff775
SHA512

deb0482edce4f0dc484b276729f4ef9496d29e5f41aca454729dc516b524b46379e4c15bf65589afc3a192fa349ddd832c784f81a0d5b4e595b409af21d643ea
SSDEEP

3072:ph7VTphQm/tV3hLKKKKKU8AAFTbp8ELQHsoOJNuYnZIWH2qWUwZr+EM4EIGKEc6M:ph7VTphQjfJXnIZO

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  nvxdsync.exe
- Size
  
  182KB
- MD5
  
  c30d18e54b38af1afeaa685c7b39caf2
- SHA1
  
  fb8ec79d5d8a03fef493fb2ed3f17a8633a67c5e
- SHA256
  
  c8702b6c90b200576a33cfec2a0f8777cbf47d86e7f4026e9fc9d5e53bbff775
- SHA512
  
  deb0482edce4f0dc484b276729f4ef9496d29e5f41aca454729dc516b524b46379e4c15bf65589afc3a192fa349ddd832c784f81a0d5b4e595b409af21d643ea
- SSDEEP
  
  3072:ph7VTphQm/tV3hLKKKKKU8AAFTbp8ELQHsoOJNuYnZIWH2qWUwZr+EM4EIGKEc6M:ph7VTphQjfJXnIZO
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
- Drops startup file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1