815e971458eb6208609852d82821738f8eb8092c063e64c1e2d4424c484c3b02 | Triage

Sharing

General

Target

815e971458eb6208609852d82821738f8eb8092c063e64c1e2d4424c484c3b02
Size

980KB
Sample

231101-1fv22sdd3x
MD5

78d72db4cd2fcb1ccbcd0d56c073ecd6
SHA1

de24d75dddc49da51df2152c270e047aee7920db
SHA256

815e971458eb6208609852d82821738f8eb8092c063e64c1e2d4424c484c3b02
SHA512

29e567398266ab4976b600ec5d3afdcef0a14c3d83563b5fb2e47cad65f70097ed062fda5b07c99ee526181a5678c4b6d1441f09d22d38b69c215d9f846be75f
SSDEEP

24576:FYba1BY0nAYGEBIPX2faq6Y0n1YFF9kf/+EBqAvHrVHepuy1hKspUu5t:I4KYbBIPGfaq6Y0n1iF9kfGEBqAvHrVW

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  815e971458eb6208609852d82821738f8eb8092c063e64c1e2d4424c484c3b02
- Size
  
  980KB
- MD5
  
  78d72db4cd2fcb1ccbcd0d56c073ecd6
- SHA1
  
  de24d75dddc49da51df2152c270e047aee7920db
- SHA256
  
  815e971458eb6208609852d82821738f8eb8092c063e64c1e2d4424c484c3b02
- SHA512
  
  29e567398266ab4976b600ec5d3afdcef0a14c3d83563b5fb2e47cad65f70097ed062fda5b07c99ee526181a5678c4b6d1441f09d22d38b69c215d9f846be75f
- SSDEEP
  
  24576:FYba1BY0nAYGEBIPX2faq6Y0n1YFF9kf/+EBqAvHrVHepuy1hKspUu5t:I4KYbBIPGfaq6Y0n1iF9kfGEBqAvHrVW
Score

8^/10

evasion
- Blocklisted process makes network request
- Downloads MZ/PE file
- Stops running service(s)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2