e6ea9a4f102ba876cd208092e784f5af3fad5812df9ee50323b10b5447bc6d8f | Triage

Sharing

General

Target

34f3ed7b9a9c520f558d9a22e3994521
Size

2.0MB
Sample

231225-w82yvaddhr
MD5

34f3ed7b9a9c520f558d9a22e3994521
SHA1

dde0d0672a16456fd6f0905034c43e6e2182eb37
SHA256

e6ea9a4f102ba876cd208092e784f5af3fad5812df9ee50323b10b5447bc6d8f
SHA512

9cee950c1f7903ea5bc94319bc2cd1149f431f79329fbd188b9a54020ba386cf1802909a5b77b02c18cc391491de7c2f5ef77c5dc7f1c5cdba9721d3153db4a2
SSDEEP

49152:bQerQZbd2terQZbd2uerQZbd2terQZbd2H8r:VrQZjrQZYrQZjrQZr

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  34f3ed7b9a9c520f558d9a22e3994521
- Size
  
  2.0MB
- MD5
  
  34f3ed7b9a9c520f558d9a22e3994521
- SHA1
  
  dde0d0672a16456fd6f0905034c43e6e2182eb37
- SHA256
  
  e6ea9a4f102ba876cd208092e784f5af3fad5812df9ee50323b10b5447bc6d8f
- SHA512
  
  9cee950c1f7903ea5bc94319bc2cd1149f431f79329fbd188b9a54020ba386cf1802909a5b77b02c18cc391491de7c2f5ef77c5dc7f1c5cdba9721d3153db4a2
- SSDEEP
  
  49152:bQerQZbd2terQZbd2uerQZbd2terQZbd2H8r:VrQZjrQZYrQZjrQZr
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence