General
-
Target
1c1438af4015abbd2c0fd288b9fe9e2c
-
Size
41KB
-
Sample
231225-ah52xshedl
-
MD5
1c1438af4015abbd2c0fd288b9fe9e2c
-
SHA1
647bb162686f44f448e7c0892e63d5583f9612e7
-
SHA256
7f2364197aaca32061568b0d7cd544de561fa8a1c2b1a108182e93339701255e
-
SHA512
f0279b1b02e78652b38cae88aa65f1fd7b7c4c26363611323014bd56b1706bfe24725b668462288f6d5ae0b3f32e2dee387537f1961b3e6398ee899a5d646330
-
SSDEEP
768:dFDZ297K733ZL4OsPDsJOQICmcS7miUCbCB0ZOYirm3V1yoaChDl1F/oKaW7WXJo:oe18OyszIz7miUCbcYomLaoDHRJaW7
Malware Config
Targets
-
-
Target
1c1438af4015abbd2c0fd288b9fe9e2c
-
Size
41KB
-
MD5
1c1438af4015abbd2c0fd288b9fe9e2c
-
SHA1
647bb162686f44f448e7c0892e63d5583f9612e7
-
SHA256
7f2364197aaca32061568b0d7cd544de561fa8a1c2b1a108182e93339701255e
-
SHA512
f0279b1b02e78652b38cae88aa65f1fd7b7c4c26363611323014bd56b1706bfe24725b668462288f6d5ae0b3f32e2dee387537f1961b3e6398ee899a5d646330
-
SSDEEP
768:dFDZ297K733ZL4OsPDsJOQICmcS7miUCbCB0ZOYirm3V1yoaChDl1F/oKaW7WXJo:oe18OyszIz7miUCbcYomLaoDHRJaW7
Score10/10-
Modifies firewall policy service
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1