d47a558f49f9c211c6a16e36670232a9d997b85c5162e6fab4a8c61f8151e4f4 | Triage

Sharing

General

Target

2ff22c8ec4e340b78efd44b836e3e260
Size

13KB
Sample

231225-vq6nmsccdn
MD5

2ff22c8ec4e340b78efd44b836e3e260
SHA1

7b80a044aa69d79f31d98992eb24f90e74da30d2
SHA256

d47a558f49f9c211c6a16e36670232a9d997b85c5162e6fab4a8c61f8151e4f4
SHA512

ebd4a83702f0568ae505e1a066a64afb55ae61fef2ea9c08a69efff478fb3878678c54e287e5594dd46c4be24c0798afd37cf5a65006027f49a710ba9db66eba
SSDEEP

192:FjdMyhJG2aM/lBxlyA9IF8G+ZMimz82pXdHMHlcc23kaGqFSX0DubjP/:xdUoNflv9IFRY2ptsc10+FSEUjH

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  2ff22c8ec4e340b78efd44b836e3e260
- Size
  
  13KB
- MD5
  
  2ff22c8ec4e340b78efd44b836e3e260
- SHA1
  
  7b80a044aa69d79f31d98992eb24f90e74da30d2
- SHA256
  
  d47a558f49f9c211c6a16e36670232a9d997b85c5162e6fab4a8c61f8151e4f4
- SHA512
  
  ebd4a83702f0568ae505e1a066a64afb55ae61fef2ea9c08a69efff478fb3878678c54e287e5594dd46c4be24c0798afd37cf5a65006027f49a710ba9db66eba
- SSDEEP
  
  192:FjdMyhJG2aM/lBxlyA9IF8G+ZMimz82pXdHMHlcc23kaGqFSX0DubjP/:xdUoNflv9IFRY2ptsc10+FSEUjH
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence