General
Target: 002b85a737c2a06f93b05aa6f274bc9e
Size: 23KB
Sample: 231229-wt5q7abec4
MD5: 002b85a737c2a06f93b05aa6f274bc9e
SHA1: 81f7429a92bb72b0397c62e9f7c15491d7b8e2bd
SHA256: e19eb167e8943a65ba4e8ae4d897d1f8f6ccfb1cb554374945d739a99100c2b3
SHA512: 9af489af65e23c82409022a7668cb168da6c2976078623c97a5e0523d989444146126d71d6b2f63a869e1d0f11e3cee047527c3703a7bdb998e20128c08f3808
SSDEEP: 384:AidD9d6GAKuQBrPmf2ZTdmYUDSjMAVIESySzEN8d3CWev:1WyNN4CMAVwENa3C7
Static task: static1
Behavioral task: behavioral1
Sample: 002b85a737c2a06f93b05aa6f274bc9e.dll
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 002b85a737c2a06f93b05aa6f274bc9e.dll
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 002b85a737c2a06f93b05aa6f274bc9e
Score: 10/10
Modifies firewall policy service
Modifies AppInit DLL entries
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)