d024f5e59b68c85d16a3533e8bc1d879694761280458343a30b14747e6bd1ea2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0002f9a0c5353a3407661df9d2491913
Size

515KB
Sample

231229-wpfaqseehq
MD5

0002f9a0c5353a3407661df9d2491913
SHA1

7f0a30a5216c395951f919992e6743e4822eef20
SHA256

d024f5e59b68c85d16a3533e8bc1d879694761280458343a30b14747e6bd1ea2
SHA512

911ba2ffd4d6eff6bd40fa7c03aa851a49d18960e3238834ca87d9ac28e45bf6f4336757433964b3bb386b66727085445312d058bd3120f6600f88c810c47d25
SSDEEP

384:cidD9d6GAfwjkBrMNJacGeWgZZKRdxpx+miSyS9gKa+GJJhwIDSGcEywZoMoOzuO:JG6kdMNWebZAzh+wdGfPSGSXeuUegSa

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0002f9a0c5353a3407661df9d2491913
- Size
  
  515KB
- MD5
  
  0002f9a0c5353a3407661df9d2491913
- SHA1
  
  7f0a30a5216c395951f919992e6743e4822eef20
- SHA256
  
  d024f5e59b68c85d16a3533e8bc1d879694761280458343a30b14747e6bd1ea2
- SHA512
  
  911ba2ffd4d6eff6bd40fa7c03aa851a49d18960e3238834ca87d9ac28e45bf6f4336757433964b3bb386b66727085445312d058bd3120f6600f88c810c47d25
- SSDEEP
  
  384:cidD9d6GAfwjkBrMNJacGeWgZZKRdxpx+miSyS9gKa+GJJhwIDSGcEywZoMoOzuO:JG6kdMNWebZAzh+wdGfPSGSXeuUegSa
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2