7b0413a7c72a0db68688970f38fc16388f429e95c3753df7d8e56ba5bbb7a78b | Triage

Sharing

General

Target

4bcec18c1b612fb1423fcc0ec4e33630
Size

463KB
Sample

231226-cms92afeaj
MD5

4bcec18c1b612fb1423fcc0ec4e33630
SHA1

832a1f19d483a12b6ede14d6b9325be1dd3ec787
SHA256

7b0413a7c72a0db68688970f38fc16388f429e95c3753df7d8e56ba5bbb7a78b
SHA512

5335b2c691fc78370b7097bfbbd7a81ed5a70b2ad4ad3cd05eb448b0bc2891709b2196ccb1bb7f9e5b76798a6f190a8122cba29fea1b3741269485a6778bcc32
SSDEEP

6144:UZfec9EbXDk6RkCBEKWnmy+g41rG1VVE+IdCPZIundXXrG1VVE+IA:UZWtI6RkCBoqumCPZFut

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  4bcec18c1b612fb1423fcc0ec4e33630
- Size
  
  463KB
- MD5
  
  4bcec18c1b612fb1423fcc0ec4e33630
- SHA1
  
  832a1f19d483a12b6ede14d6b9325be1dd3ec787
- SHA256
  
  7b0413a7c72a0db68688970f38fc16388f429e95c3753df7d8e56ba5bbb7a78b
- SHA512
  
  5335b2c691fc78370b7097bfbbd7a81ed5a70b2ad4ad3cd05eb448b0bc2891709b2196ccb1bb7f9e5b76798a6f190a8122cba29fea1b3741269485a6778bcc32
- SSDEEP
  
  6144:UZfec9EbXDk6RkCBEKWnmy+g41rG1VVE+IdCPZIundXXrG1VVE+IA:UZWtI6RkCBoqumCPZFut
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence