8ae0f2a864cf6f1a61cbd7b65586ca3bb57c0537d4b15a6b38bfddfd72ffe2dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0407296856b14f6008298985d100df70.exe
Size

42KB
Sample

231103-lrgapshg84
MD5

0407296856b14f6008298985d100df70
SHA1

298e885cf01f0a869b709820ef7c8d1bfe20c87d
SHA256

8ae0f2a864cf6f1a61cbd7b65586ca3bb57c0537d4b15a6b38bfddfd72ffe2dd
SHA512

0068e64648ad2ff32530d33466e21bf93793f2bc1e48a01895b106c60c449d1758418a5d07ec7b36c4260d87629a737fa41a0f3c31356a7600ef4b9379efb863
SSDEEP

768:SwVIZU6TXolKInHbzUbTKhq/FMlxcsb7tQPcvnwFqmXJZXNH8Ar5gqqSMM/G:TVIy6TKnHbYTKsMlmq7tQEvk5JZdHVrr

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  NEAS.0407296856b14f6008298985d100df70.exe
- Size
  
  42KB
- MD5
  
  0407296856b14f6008298985d100df70
- SHA1
  
  298e885cf01f0a869b709820ef7c8d1bfe20c87d
- SHA256
  
  8ae0f2a864cf6f1a61cbd7b65586ca3bb57c0537d4b15a6b38bfddfd72ffe2dd
- SHA512
  
  0068e64648ad2ff32530d33466e21bf93793f2bc1e48a01895b106c60c449d1758418a5d07ec7b36c4260d87629a737fa41a0f3c31356a7600ef4b9379efb863
- SSDEEP
  
  768:SwVIZU6TXolKInHbzUbTKhq/FMlxcsb7tQPcvnwFqmXJZXNH8Ar5gqqSMM/G:TVIy6TKnHbYTKsMlmq7tQEvk5JZdHVrr
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2