a3af90beb26f216055b433be66fe8e9d50790618cee281d5b186a778656d88a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0003c17476806b4c0996734bdc80c71c
Size

24KB
Sample

231229-wpkkfsefcj
MD5

0003c17476806b4c0996734bdc80c71c
SHA1

3dc5218f3a654fe449dc98b89a5fbd30da9ca291
SHA256

a3af90beb26f216055b433be66fe8e9d50790618cee281d5b186a778656d88a4
SHA512

80abf6972fe5e5591ae4b35f17633c6afd06d9e6b39678ea4aa9dae8b7bf080d63983fec7e176dac11ce37d0f3048622bc6b3e4a7bed5b4a3aab00f63112160b
SSDEEP

384:RdD9d6G4f/r1HRqPDuwpcxHhuVYISuGq2PjeIIEwnCmazwIPf2Z13R:RKHqtpgEVYISuYbeInmawIPf2Zr

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0003c17476806b4c0996734bdc80c71c
- Size
  
  24KB
- MD5
  
  0003c17476806b4c0996734bdc80c71c
- SHA1
  
  3dc5218f3a654fe449dc98b89a5fbd30da9ca291
- SHA256
  
  a3af90beb26f216055b433be66fe8e9d50790618cee281d5b186a778656d88a4
- SHA512
  
  80abf6972fe5e5591ae4b35f17633c6afd06d9e6b39678ea4aa9dae8b7bf080d63983fec7e176dac11ce37d0f3048622bc6b3e4a7bed5b4a3aab00f63112160b
- SSDEEP
  
  384:RdD9d6G4f/r1HRqPDuwpcxHhuVYISuGq2PjeIIEwnCmazwIPf2Z13R:RKHqtpgEVYISuYbeInmawIPf2Zr
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence