e914db09c66cd266123c8274f10014e0e3760052090b148a2521a92ed9bdd5a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2673ef757a0c873cb728cc3d3e50913d
Size

14KB
Sample

231225-r3avysbcgm
MD5

2673ef757a0c873cb728cc3d3e50913d
SHA1

4e8ca653f6e74203f731355044382a63ecdd4f36
SHA256

e914db09c66cd266123c8274f10014e0e3760052090b148a2521a92ed9bdd5a9
SHA512

e0b4ac23f66c2017b2a2c9c512bdfaf8067c06d8cb4a3a1f6e9c57ad74a657d97914f59745285113182a0ebba04588c3ff93c57cadf20edfd7b7318285da5321
SSDEEP

384:RbHlUO2jpHTu86xaNoifEUg9XZgXpAKew1ILSkurHZ:3UO2jVu8gnisbhqAKeiLr5

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  2673ef757a0c873cb728cc3d3e50913d
- Size
  
  14KB
- MD5
  
  2673ef757a0c873cb728cc3d3e50913d
- SHA1
  
  4e8ca653f6e74203f731355044382a63ecdd4f36
- SHA256
  
  e914db09c66cd266123c8274f10014e0e3760052090b148a2521a92ed9bdd5a9
- SHA512
  
  e0b4ac23f66c2017b2a2c9c512bdfaf8067c06d8cb4a3a1f6e9c57ad74a657d97914f59745285113182a0ebba04588c3ff93c57cadf20edfd7b7318285da5321
- SSDEEP
  
  384:RbHlUO2jpHTu86xaNoifEUg9XZgXpAKew1ILSkurHZ:3UO2jVu8gnisbhqAKeiLr5
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Disables use of System Restore points
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence