General
-
Target
6af6df87498c6e8df0ce8e94375f469a
-
Size
369KB
-
Sample
231226-nm23qaddar
-
MD5
6af6df87498c6e8df0ce8e94375f469a
-
SHA1
787084f19d3bb19249f9b9e9c7bb5d26f7f63b5a
-
SHA256
32bece6ac967d9dfd0a751a3f26c8d6b7835ab04ecf616572672b6655ea4ef6d
-
SHA512
c9809a1f1ced2909a6f8ad903ce237e0144a3740447f5e027ed2263055511aca1648ac65360dfd23e676ebad9fe135328080dcad4111cd177aa7fc6ea2099bc0
-
SSDEEP
6144:9i+L6CxGUgwjK8wVg16e3N29TYPsQZogU85b8ZprH+qMPQuPkdoPMFs4nyYUt1t:A+eDz8w8g3QZogT5IZRHUPZM4MS4xUXt
Malware Config
Targets
-
-
Target
6af6df87498c6e8df0ce8e94375f469a
-
Size
369KB
-
MD5
6af6df87498c6e8df0ce8e94375f469a
-
SHA1
787084f19d3bb19249f9b9e9c7bb5d26f7f63b5a
-
SHA256
32bece6ac967d9dfd0a751a3f26c8d6b7835ab04ecf616572672b6655ea4ef6d
-
SHA512
c9809a1f1ced2909a6f8ad903ce237e0144a3740447f5e027ed2263055511aca1648ac65360dfd23e676ebad9fe135328080dcad4111cd177aa7fc6ea2099bc0
-
SSDEEP
6144:9i+L6CxGUgwjK8wVg16e3N29TYPsQZogU85b8ZprH+qMPQuPkdoPMFs4nyYUt1t:A+eDz8w8g3QZogT5IZRHUPZM4MS4xUXt
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1