461488dac225040638ea77dc0975f38b2ed72186d3485f800ee613617e3f46c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

spoofer.exe
Size

46KB
Sample

230801-zxjjxabc86
MD5

8bca0d339dc5406f7b473d2d9d613d8d
SHA1

849f161bbfc3258ad12554bc28b886438fca4b2b
SHA256

461488dac225040638ea77dc0975f38b2ed72186d3485f800ee613617e3f46c0
SHA512

cdb869e4b8b98fb3fc2b210cb1f3744c4febaa91076d25ffa4e388f318253782107320eb95a636e9802c215451f6f0e4ea63dd0f69b466f9c45d21d0d75c6934
SSDEEP

768:2/3ycTl8SgNVbbATYsBdEgBg8nw9IxF5uek7SkqQ9MYmBYc3qeU:2/5+SybAT1ByIxWl7b9CQeU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  spoofer.exe
- Size
  
  46KB
- MD5
  
  8bca0d339dc5406f7b473d2d9d613d8d
- SHA1
  
  849f161bbfc3258ad12554bc28b886438fca4b2b
- SHA256
  
  461488dac225040638ea77dc0975f38b2ed72186d3485f800ee613617e3f46c0
- SHA512
  
  cdb869e4b8b98fb3fc2b210cb1f3744c4febaa91076d25ffa4e388f318253782107320eb95a636e9802c215451f6f0e4ea63dd0f69b466f9c45d21d0d75c6934
- SSDEEP
  
  768:2/3ycTl8SgNVbbATYsBdEgBg8nw9IxF5uek7SkqQ9MYmBYc3qeU:2/5+SybAT1ByIxWl7b9CQeU
Score

8^/10

persistence
- Downloads MZ/PE file
- Sets service image path in registry
  persistence
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2