6d092eaa322e786a2c9cbad2df949070846199a4782e6cd79d32318aadaa653b | Triage

Sharing

General

Target

22cde1adfa90a561aca5a369a79d1a02
Size

522KB
Sample

231225-q2lemacfdm
MD5

22cde1adfa90a561aca5a369a79d1a02
SHA1

a87b02d908006086a862680b7d3f11660fb9b34d
SHA256

6d092eaa322e786a2c9cbad2df949070846199a4782e6cd79d32318aadaa653b
SHA512

c5d20e44242c9e9259bdfc4362a4a9b47f7b9dce3cf24d8aa1cf14870b8e225bf4197f7f1ea1238c179e8382535f4b640eae35db90da844bcb9c6ca6196083dc
SSDEEP

6144:UZfec9EbXDk6RkdKJrG1VVE+IVE2EBE2EZ/UOPSe570Szp34UF40E2E4:UZWtI6RkcudMyOB0pa4r4

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  22cde1adfa90a561aca5a369a79d1a02
- Size
  
  522KB
- MD5
  
  22cde1adfa90a561aca5a369a79d1a02
- SHA1
  
  a87b02d908006086a862680b7d3f11660fb9b34d
- SHA256
  
  6d092eaa322e786a2c9cbad2df949070846199a4782e6cd79d32318aadaa653b
- SHA512
  
  c5d20e44242c9e9259bdfc4362a4a9b47f7b9dce3cf24d8aa1cf14870b8e225bf4197f7f1ea1238c179e8382535f4b640eae35db90da844bcb9c6ca6196083dc
- SSDEEP
  
  6144:UZfec9EbXDk6RkdKJrG1VVE+IVE2EBE2EZ/UOPSe570Szp34UF40E2E4:UZWtI6RkcudMyOB0pa4r4
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence