19f043aa966f13a29f9a860057fb2a290939f75115e9784989fcbe96ad9242cb | Triage

Sharing

General

Target

29f18d1d43889dc0b8b3fcfee682430d
Size

132KB
Sample

231225-s3pvjsbbe2
MD5

29f18d1d43889dc0b8b3fcfee682430d
SHA1

61fe80e1d5a4225d7a83acd391f0a16cfe5a6dab
SHA256

19f043aa966f13a29f9a860057fb2a290939f75115e9784989fcbe96ad9242cb
SHA512

dc6fd15227089b167e4cce123e5f582c4985ae32688d5483845b45cc3cd8a08b78f8b9375ec64d443a88411f903792a232ebae544381986138b7d2d9c87305a1
SSDEEP

3072:ZVVOY64v7jkfam1CXDDjtFCZaOKYZfG3QZuGc6O:ZVQY5vEb2DDjtlOzfYMh

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  29f18d1d43889dc0b8b3fcfee682430d
- Size
  
  132KB
- MD5
  
  29f18d1d43889dc0b8b3fcfee682430d
- SHA1
  
  61fe80e1d5a4225d7a83acd391f0a16cfe5a6dab
- SHA256
  
  19f043aa966f13a29f9a860057fb2a290939f75115e9784989fcbe96ad9242cb
- SHA512
  
  dc6fd15227089b167e4cce123e5f582c4985ae32688d5483845b45cc3cd8a08b78f8b9375ec64d443a88411f903792a232ebae544381986138b7d2d9c87305a1
- SSDEEP
  
  3072:ZVVOY64v7jkfam1CXDDjtFCZaOKYZfG3QZuGc6O:ZVQY5vEb2DDjtlOzfYMh
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence