cd9e6cfe503991a73d3d1edfb13b08a40282849fc5edb459c333fbe79867f8e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

006f16e00b0792d8b8115d144332da93
Size

512KB
Sample

231229-w3wvmsabbl
MD5

006f16e00b0792d8b8115d144332da93
SHA1

b704f390db3f42ba474394746d6b6ceaab259d66
SHA256

cd9e6cfe503991a73d3d1edfb13b08a40282849fc5edb459c333fbe79867f8e4
SHA512

4134e909f974bcfc34f7ca5b2950ddb522ae53921645317d566c36aa3e8f00d3573bc9b20c747647c794db9f7a38db9363118b06d075951fc63f076597c4dbac
SSDEEP

384:4PyZNjtU2myEgkfb3yHPh9O32LbNAirMAa1jf9onEZP5GlzXtZEmNXVkLSYN:oyZeDfurO3SN5rOfqPXtZDVk+u

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  006f16e00b0792d8b8115d144332da93
- Size
  
  512KB
- MD5
  
  006f16e00b0792d8b8115d144332da93
- SHA1
  
  b704f390db3f42ba474394746d6b6ceaab259d66
- SHA256
  
  cd9e6cfe503991a73d3d1edfb13b08a40282849fc5edb459c333fbe79867f8e4
- SHA512
  
  4134e909f974bcfc34f7ca5b2950ddb522ae53921645317d566c36aa3e8f00d3573bc9b20c747647c794db9f7a38db9363118b06d075951fc63f076597c4dbac
- SSDEEP
  
  384:4PyZNjtU2myEgkfb3yHPh9O32LbNAirMAa1jf9onEZP5GlzXtZEmNXVkLSYN:oyZeDfurO3SN5rOfqPXtZDVk+u
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence