14e62d98a6b6854419fc6f288b83aac3006f1a812952c7b4deb69e267adb8749 | Triage

Sharing

General

Target

5d732a8db1d8bc9638940c0d2b7efe47
Size

23KB
Sample

231226-jmng4segf9
MD5

5d732a8db1d8bc9638940c0d2b7efe47
SHA1

b1d168ee44f45907c505ff0e899f71a45f2268e3
SHA256

14e62d98a6b6854419fc6f288b83aac3006f1a812952c7b4deb69e267adb8749
SHA512

67f3f92319f709a178096fa60b881522397d02e7f7a6fe4ba8a004c554c75728d93c9b2f33bd0f6cc8b6d70dae5f10fd8cf83a64e41b5947000dccefcb0812e1
SSDEEP

384:rPyZNjtU2mWoJnKZltinOf1oTnahNuTWjPMrzxNDe0:zyZnHTNo2NmGPOxNDF

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  5d732a8db1d8bc9638940c0d2b7efe47
- Size
  
  23KB
- MD5
  
  5d732a8db1d8bc9638940c0d2b7efe47
- SHA1
  
  b1d168ee44f45907c505ff0e899f71a45f2268e3
- SHA256
  
  14e62d98a6b6854419fc6f288b83aac3006f1a812952c7b4deb69e267adb8749
- SHA512
  
  67f3f92319f709a178096fa60b881522397d02e7f7a6fe4ba8a004c554c75728d93c9b2f33bd0f6cc8b6d70dae5f10fd8cf83a64e41b5947000dccefcb0812e1
- SSDEEP
  
  384:rPyZNjtU2mWoJnKZltinOf1oTnahNuTWjPMrzxNDe0:zyZnHTNo2NmGPOxNDF
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence