027de56d376cb74a6b55582cd377f0582f7dfd306732782c680739d8468bed05 | Triage

Sharing

General

Target

5c2094a2e13ef3b1829b7e4b4144da1b
Size

467KB
Sample

231226-h6dlkscfb3
MD5

5c2094a2e13ef3b1829b7e4b4144da1b
SHA1

d4b91cd00013777e963cfadf08612fdc2f374a61
SHA256

027de56d376cb74a6b55582cd377f0582f7dfd306732782c680739d8468bed05
SHA512

b25d18a33c330433740410cabc168647956837e2a013fae1c5f486ff5e90a73cea3deca5730102f17e7bf7556ed48e5a70d0240f4a525e0d2c67c88d5e0d588a
SSDEEP

12288:UZWtI6RkjLuVM2eZJys73dOvXDpNjNe8r:Uuhaj0M2eZJ8NI8r

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  5c2094a2e13ef3b1829b7e4b4144da1b
- Size
  
  467KB
- MD5
  
  5c2094a2e13ef3b1829b7e4b4144da1b
- SHA1
  
  d4b91cd00013777e963cfadf08612fdc2f374a61
- SHA256
  
  027de56d376cb74a6b55582cd377f0582f7dfd306732782c680739d8468bed05
- SHA512
  
  b25d18a33c330433740410cabc168647956837e2a013fae1c5f486ff5e90a73cea3deca5730102f17e7bf7556ed48e5a70d0240f4a525e0d2c67c88d5e0d588a
- SSDEEP
  
  12288:UZWtI6RkjLuVM2eZJys73dOvXDpNjNe8r:Uuhaj0M2eZJ8NI8r
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence