e9248e9c0ca8a7c4c841986b68d3dd75d659dc0fda4c09150166b819a8a42aef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b42d02afda8320e482bfd6daf49c188
Size

15KB
Sample

231225-tffh2abhfm
MD5

2b42d02afda8320e482bfd6daf49c188
SHA1

69e465c0a8a60d437eb16ca64a058359e189e1bc
SHA256

e9248e9c0ca8a7c4c841986b68d3dd75d659dc0fda4c09150166b819a8a42aef
SHA512

334b62113a4676af5f9a91943313a02d5622fed4ab384081a3256b1097b108e9e87954b317ae8b663dd6bd77ab44fe7d11f8b52e328f50a39b7a80a0f476a677
SSDEEP

384:tvCL5Jt45GUVIiMBswUsem11PmuIr4LUlTFlUgKG:JCL/Uxgsiek1yfES

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  2b42d02afda8320e482bfd6daf49c188
- Size
  
  15KB
- MD5
  
  2b42d02afda8320e482bfd6daf49c188
- SHA1
  
  69e465c0a8a60d437eb16ca64a058359e189e1bc
- SHA256
  
  e9248e9c0ca8a7c4c841986b68d3dd75d659dc0fda4c09150166b819a8a42aef
- SHA512
  
  334b62113a4676af5f9a91943313a02d5622fed4ab384081a3256b1097b108e9e87954b317ae8b663dd6bd77ab44fe7d11f8b52e328f50a39b7a80a0f476a677
- SSDEEP
  
  384:tvCL5Jt45GUVIiMBswUsem11PmuIr4LUlTFlUgKG:JCL/Uxgsiek1yfES
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Disables use of System Restore points
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence