7700b4fc146746e84ae2d6d4efd1ef7cfb427b4f16ba135c989b0bfb60eb5869 | Triage

Sharing

General

Target

7700b4fc146746e84ae2d6d4efd1ef7cfb427b4f16ba135c989b0bfb60eb5869
Size

12.9MB
Sample

230902-wlpp1aef41
MD5

b7ef36afa781b6a48869ce6fd50f1836
SHA1

c2549e5f8f3de18fb0748d92713c039009d810f7
SHA256

7700b4fc146746e84ae2d6d4efd1ef7cfb427b4f16ba135c989b0bfb60eb5869
SHA512

4d8d812e1d3d82673b6897498dae323837f64d4ef63afc6c243b8990092412930cd1beb3abb09c55663e7357b7e7468ab0de7a6e84445fb973241077d8f650be
SSDEEP

196608:d3VtXZ89vbxRIWr/+WDhfmzWYvSG2vpkyhSg5qM96JOdxfbAh53r87MRabt5o9/:vhG9jXlGZHvv2vb5qM9MYfb/7JXo9/

Score

8^/10

discovery evasion

Malware Config

Targets

- Target
  
  7700b4fc146746e84ae2d6d4efd1ef7cfb427b4f16ba135c989b0bfb60eb5869
- Size
  
  12.9MB
- MD5
  
  b7ef36afa781b6a48869ce6fd50f1836
- SHA1
  
  c2549e5f8f3de18fb0748d92713c039009d810f7
- SHA256
  
  7700b4fc146746e84ae2d6d4efd1ef7cfb427b4f16ba135c989b0bfb60eb5869
- SHA512
  
  4d8d812e1d3d82673b6897498dae323837f64d4ef63afc6c243b8990092412930cd1beb3abb09c55663e7357b7e7468ab0de7a6e84445fb973241077d8f650be
- SSDEEP
  
  196608:d3VtXZ89vbxRIWr/+WDhfmzWYvSG2vpkyhSg5qM96JOdxfbAh53r87MRabt5o9/:vhG9jXlGZHvv2vb5qM9MYfb/7JXo9/
Score

8^/10

discovery evasion
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion