ad423f6907a939a34b036b0b71cffd09bea10e010edde21360bd8aceb4e1fc4e | Triage

Sharing

General

Target

ad423f6907a939a34b036b0b71cffd09bea10e010edde21360bd8aceb4e1fc4e
Size

952KB
Sample

231117-ksbwyahe7v
MD5

af078c4997ef2244bdc3dbe809731890
SHA1

74028e8d04be0f824508814bc36addc6bb4e7cd6
SHA256

ad423f6907a939a34b036b0b71cffd09bea10e010edde21360bd8aceb4e1fc4e
SHA512

7da33bc9f7f4065c65a96242e4471b8e56413a9625f253f93539eb365ee5fde873f7295b736c6b955b56c2b3fe90c5c0bad20f025c18aaa509081e54b67c0050
SSDEEP

24576:yYp2/iV8pXtdsmLkNPn2rbnRvZVhKspzhWOc:yHSy9oARnhKsp1

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  ad423f6907a939a34b036b0b71cffd09bea10e010edde21360bd8aceb4e1fc4e
- Size
  
  952KB
- MD5
  
  af078c4997ef2244bdc3dbe809731890
- SHA1
  
  74028e8d04be0f824508814bc36addc6bb4e7cd6
- SHA256
  
  ad423f6907a939a34b036b0b71cffd09bea10e010edde21360bd8aceb4e1fc4e
- SHA512
  
  7da33bc9f7f4065c65a96242e4471b8e56413a9625f253f93539eb365ee5fde873f7295b736c6b955b56c2b3fe90c5c0bad20f025c18aaa509081e54b67c0050
- SSDEEP
  
  24576:yYp2/iV8pXtdsmLkNPn2rbnRvZVhKspzhWOc:yHSy9oARnhKsp1
Score

8^/10

evasion
- Blocklisted process makes network request
- Stops running service(s)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2