98ba0eace481b0462e7e306f87b151a9445f6e71f676a97a9bdab77d643bc1fd | Triage

Sharing

General

Target

0480e4cfa319fada861bad6fdcae6475
Size

116KB
Sample

231229-1dmynahch6
MD5

0480e4cfa319fada861bad6fdcae6475
SHA1

0f7d5ab1f91894d04acfedb15ba387e9ed34da08
SHA256

98ba0eace481b0462e7e306f87b151a9445f6e71f676a97a9bdab77d643bc1fd
SHA512

7056d7945a7e606a9df1220b9720ee9e5484f18c26be364d64c76398979625862471447d7ecd4256c948b7f9e3298e14b28290f6e8fcbbb5817691276c7829c6
SSDEEP

3072:Afcl+7jQq3piXYkXzwwj2vvO9fCvou/tGWZfVwMS:l/kuwlvW9JCfn

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  0480e4cfa319fada861bad6fdcae6475
- Size
  
  116KB
- MD5
  
  0480e4cfa319fada861bad6fdcae6475
- SHA1
  
  0f7d5ab1f91894d04acfedb15ba387e9ed34da08
- SHA256
  
  98ba0eace481b0462e7e306f87b151a9445f6e71f676a97a9bdab77d643bc1fd
- SHA512
  
  7056d7945a7e606a9df1220b9720ee9e5484f18c26be364d64c76398979625862471447d7ecd4256c948b7f9e3298e14b28290f6e8fcbbb5817691276c7829c6
- SSDEEP
  
  3072:Afcl+7jQq3piXYkXzwwj2vvO9fCvou/tGWZfVwMS:l/kuwlvW9JCfn
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence