27bee5b6c2494d167f8ae5df34bcc96b49a5606d628090737deec95780cdcbcb | Triage

Sharing

General

Target

0b9553e1bee8d90b1658196386164ee0
Size

688KB
Sample

231224-w1zhrahdf4
MD5

0b9553e1bee8d90b1658196386164ee0
SHA1

435748ddc18248352a08d983f4b841a5e8c2aa0a
SHA256

27bee5b6c2494d167f8ae5df34bcc96b49a5606d628090737deec95780cdcbcb
SHA512

bb0c69a7e3cbdcd53ccba5364286be68db8fe80b289746995ce69bb44476a2c69cb7358919406e697bbfdd94fb8c45f8fd0e6e08892e50bcb552ea1955ea7581
SSDEEP

12288:UZWtI6RkgweZJys73dOvXDpNjNe8TOB0vVYiZKTKwaut:UuhadeZJ8NI8TOAVETKwD

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0b9553e1bee8d90b1658196386164ee0
- Size
  
  688KB
- MD5
  
  0b9553e1bee8d90b1658196386164ee0
- SHA1
  
  435748ddc18248352a08d983f4b841a5e8c2aa0a
- SHA256
  
  27bee5b6c2494d167f8ae5df34bcc96b49a5606d628090737deec95780cdcbcb
- SHA512
  
  bb0c69a7e3cbdcd53ccba5364286be68db8fe80b289746995ce69bb44476a2c69cb7358919406e697bbfdd94fb8c45f8fd0e6e08892e50bcb552ea1955ea7581
- SSDEEP
  
  12288:UZWtI6RkgweZJys73dOvXDpNjNe8TOB0vVYiZKTKwaut:UuhadeZJ8NI8TOAVETKwD
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence