a04e84c848471b1284dfe1cf6fb446ab37ad376cd97d4a334f06b16a777b8e8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00ab98549abe10b829c6ff79ac64d4ef
Size

22KB
Sample

231224-rqznjsgdd9
MD5

00ab98549abe10b829c6ff79ac64d4ef
SHA1

36cbae0b000a584c2e0d9b1e40fa121c149c738a
SHA256

a04e84c848471b1284dfe1cf6fb446ab37ad376cd97d4a334f06b16a777b8e8b
SHA512

f80120d41bb09d050ec2710c8303a104fe1a0c85818f17b6ee6080b69aa21a7e354e63eada779e8d4716ed1f24c367cb05984d26b2a343b0aa39348f4e6f3656
SSDEEP

384:BPyZNjtU2m/ImLtKUX1diVvXTQed40ZMcA13jjqN1El+thzETEttQpNk3hg:ZyZOxY0dWvjQed4GA1TWNi+tlETEttQh

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  00ab98549abe10b829c6ff79ac64d4ef
- Size
  
  22KB
- MD5
  
  00ab98549abe10b829c6ff79ac64d4ef
- SHA1
  
  36cbae0b000a584c2e0d9b1e40fa121c149c738a
- SHA256
  
  a04e84c848471b1284dfe1cf6fb446ab37ad376cd97d4a334f06b16a777b8e8b
- SHA512
  
  f80120d41bb09d050ec2710c8303a104fe1a0c85818f17b6ee6080b69aa21a7e354e63eada779e8d4716ed1f24c367cb05984d26b2a343b0aa39348f4e6f3656
- SSDEEP
  
  384:BPyZNjtU2m/ImLtKUX1diVvXTQed40ZMcA13jjqN1El+thzETEttQpNk3hg:ZyZOxY0dWvjQed4GA1TWNi+tlETEttQh
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence