a74950c1bbad337a5e67edfa8391da5ae8dd57d17784e206bcdc98c718f65e24 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CleanFlash_34.0.0.301_Installer.exe
Size

28.3MB
Sample

231022-ker11aef6y
MD5

fb63a75146bafe42afd2b4939f76f015
SHA1

ee13c9c1c69d82a1063bf377d6447c5f59f8ffb0
SHA256

a74950c1bbad337a5e67edfa8391da5ae8dd57d17784e206bcdc98c718f65e24
SHA512

88e37d816714ead57a46785e1226bf296048d37845755ca6ce6a39e81e4102a0e87565cf827350464c2ebc06ef22b08ca8aa01653b6644cc552724c29c47e333
SSDEEP

393216:32lT0hvp3fd3Agc1fsQIt3e8ehKkeUPwghJMItgYLcTTcaAbrrK:cqBl3A51fct3e8eAi+ItNLc03rK

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  CleanFlash_34.0.0.301_Installer.exe
- Size
  
  28.3MB
- MD5
  
  fb63a75146bafe42afd2b4939f76f015
- SHA1
  
  ee13c9c1c69d82a1063bf377d6447c5f59f8ffb0
- SHA256
  
  a74950c1bbad337a5e67edfa8391da5ae8dd57d17784e206bcdc98c718f65e24
- SHA512
  
  88e37d816714ead57a46785e1226bf296048d37845755ca6ce6a39e81e4102a0e87565cf827350464c2ebc06ef22b08ca8aa01653b6644cc552724c29c47e333
- SSDEEP
  
  393216:32lT0hvp3fd3Agc1fsQIt3e8ehKkeUPwghJMItgYLcTTcaAbrrK:cqBl3A51fct3e8eAi+ItNLc03rK
Score

8^/10

evasion persistence
- Sets file execution options in registry
  persistence
- Stops running service(s)
  evasion
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence