b5bdd2f2588f92c5b375ea0670d0c4a329681773163b3ca9be224c5e2d3c8a66 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0011a2fe0c22765006d0d3d3a27bbcc9
Size

172KB
Sample

231225-czy12sahgj
MD5

0011a2fe0c22765006d0d3d3a27bbcc9
SHA1

7419d9c0341158d6f48420991162d22f87836f92
SHA256

b5bdd2f2588f92c5b375ea0670d0c4a329681773163b3ca9be224c5e2d3c8a66
SHA512

136ca8a8f1bb4e61c3b0666602021e8e1007ec3ed936f30577cef9854927e920cb1e90f1788ee90aa3fe7fad27f3eeecd0f4992f08427b88dc4f21d3abf81531
SSDEEP

3072:dIJ/t18k5gq6Knvmb7/D26hjCWad38RQFyjwGBEWNDsn6slPct+hiBuAZd+q:2/tOtKnvmb7/D26heWad38RQFyjwGWo9

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0011a2fe0c22765006d0d3d3a27bbcc9
- Size
  
  172KB
- MD5
  
  0011a2fe0c22765006d0d3d3a27bbcc9
- SHA1
  
  7419d9c0341158d6f48420991162d22f87836f92
- SHA256
  
  b5bdd2f2588f92c5b375ea0670d0c4a329681773163b3ca9be224c5e2d3c8a66
- SHA512
  
  136ca8a8f1bb4e61c3b0666602021e8e1007ec3ed936f30577cef9854927e920cb1e90f1788ee90aa3fe7fad27f3eeecd0f4992f08427b88dc4f21d3abf81531
- SSDEEP
  
  3072:dIJ/t18k5gq6Knvmb7/D26hjCWad38RQFyjwGBEWNDsn6slPct+hiBuAZd+q:2/tOtKnvmb7/D26heWad38RQFyjwGWo9
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2