c21a385518fbce79386a9d1979de6c6065c8e263d708fc439e677714ea821cc7 | Triage

Sharing

General

Target

005a6354aab86ccaa86ffb369bfb5cf4
Size

21KB
Sample

231229-w1wrvshehj
MD5

005a6354aab86ccaa86ffb369bfb5cf4
SHA1

d579608e397c180bd6c771f6d0a5ab01107be24e
SHA256

c21a385518fbce79386a9d1979de6c6065c8e263d708fc439e677714ea821cc7
SHA512

e5e7f96af24e3a8041c7bef962fc6588d2e1643863d055ad5814454d1f6c2230c1bf170245685b6aa07916d69f9707e21acd8bc3c094a9d9fe8df2e27957a2ff
SSDEEP

384:ePyZNjtU2mvgOny0HXx4zxfgbvAqVDM/Z/jP+7KZzEipG720VF:eyZm6aqxfUvh1wP+7sEipGV

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  005a6354aab86ccaa86ffb369bfb5cf4
- Size
  
  21KB
- MD5
  
  005a6354aab86ccaa86ffb369bfb5cf4
- SHA1
  
  d579608e397c180bd6c771f6d0a5ab01107be24e
- SHA256
  
  c21a385518fbce79386a9d1979de6c6065c8e263d708fc439e677714ea821cc7
- SHA512
  
  e5e7f96af24e3a8041c7bef962fc6588d2e1643863d055ad5814454d1f6c2230c1bf170245685b6aa07916d69f9707e21acd8bc3c094a9d9fe8df2e27957a2ff
- SSDEEP
  
  384:ePyZNjtU2mvgOny0HXx4zxfgbvAqVDM/Z/jP+7KZzEipG720VF:eyZm6aqxfUvh1wP+7sEipGV
Score

10^/10

persistence evasion
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence