d1377d5ddd74c442985b9a930cb0e68dd2a2bc1ebdc193104b9b755b48d325b1 | Triage

Sharing

General

Target

00621f7a04043930fcd2ed426e40b5bb
Size

23KB
Sample

231229-w2m64sdbe7
MD5

00621f7a04043930fcd2ed426e40b5bb
SHA1

1f0ebede28ef97b0193712b3e3dcfaa541054f6f
SHA256

d1377d5ddd74c442985b9a930cb0e68dd2a2bc1ebdc193104b9b755b48d325b1
SHA512

2b96af651c384b6c815f41c32684b7de9e8d80584d6bd0e8b0b9e3d7007ef5ea0978ac4b98cba8cc0d862df85e1397c13501a8f4e7123f31caa6dbdf63b35156
SSDEEP

384:EidD9d6GAHQBrDdFI0EHjm+PRfQXjqY+JE+KPz6neb4P2Ujal3:Ruy/Cm6fQzqYt76nc4jG

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  00621f7a04043930fcd2ed426e40b5bb
- Size
  
  23KB
- MD5
  
  00621f7a04043930fcd2ed426e40b5bb
- SHA1
  
  1f0ebede28ef97b0193712b3e3dcfaa541054f6f
- SHA256
  
  d1377d5ddd74c442985b9a930cb0e68dd2a2bc1ebdc193104b9b755b48d325b1
- SHA512
  
  2b96af651c384b6c815f41c32684b7de9e8d80584d6bd0e8b0b9e3d7007ef5ea0978ac4b98cba8cc0d862df85e1397c13501a8f4e7123f31caa6dbdf63b35156
- SSDEEP
  
  384:EidD9d6GAHQBrDdFI0EHjm+PRfQXjqY+JE+KPz6neb4P2Ujal3:Ruy/Cm6fQzqYt76nc4jG
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence