fb4a64e493a5af273e1f99d4fecaaf8cecb05b987c5f98cf90152ca17c81a0ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0004d4a3c61b729cbae8deba152d0552
Size

24KB
Sample

231229-wpp5yaefep
MD5

0004d4a3c61b729cbae8deba152d0552
SHA1

d6edfeb5e7b059e28ba8d04e4812f41dddea4234
SHA256

fb4a64e493a5af273e1f99d4fecaaf8cecb05b987c5f98cf90152ca17c81a0ec
SHA512

f2f584868d9c1d15f7cddbaec8497af8fb35947f2723c7944e8fc744a7228bbb9799dc0bb855bde7a0ce80f9cc1f2899ad8b0c10dddf3a4da626bdc7b66ea40b
SSDEEP

384:lSdD9d6GoPSARTPdSiqaBaq3ost7ncAljOwEJiDUzx/uhyzd:sLaPRJaqztrcgOjiD0x/um

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0004d4a3c61b729cbae8deba152d0552
- Size
  
  24KB
- MD5
  
  0004d4a3c61b729cbae8deba152d0552
- SHA1
  
  d6edfeb5e7b059e28ba8d04e4812f41dddea4234
- SHA256
  
  fb4a64e493a5af273e1f99d4fecaaf8cecb05b987c5f98cf90152ca17c81a0ec
- SHA512
  
  f2f584868d9c1d15f7cddbaec8497af8fb35947f2723c7944e8fc744a7228bbb9799dc0bb855bde7a0ce80f9cc1f2899ad8b0c10dddf3a4da626bdc7b66ea40b
- SSDEEP
  
  384:lSdD9d6GoPSARTPdSiqaBaq3ost7ncAljOwEJiDUzx/uhyzd:sLaPRJaqztrcgOjiD0x/um
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence