62e1bb1f20e37793494d0111a493e74dba87fbbffcd325071dbd8a0011263aeb | Triage

Sharing

General

Target

002e981a25acbbd090e0b03eab5c2fbd
Size

2.0MB
Sample

231229-wvlppsbfc3
MD5

002e981a25acbbd090e0b03eab5c2fbd
SHA1

a66a2111b8b351b10d0ceab4b97631d2c1b198b4
SHA256

62e1bb1f20e37793494d0111a493e74dba87fbbffcd325071dbd8a0011263aeb
SHA512

5a9403e28dc397475d03752c85ec71d226efa709684bd9a981ebc467bac5480456792652edc4d548232c4e67d6189e2bd09a00b524816d4a9977b0a5ace47bd1
SSDEEP

384:V1PyZNjtU2mqoJ/zTiquwjTTEPEIshjTVzEl1UyGh:VNyZrKMGkFstTJEl1g

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  002e981a25acbbd090e0b03eab5c2fbd
- Size
  
  2.0MB
- MD5
  
  002e981a25acbbd090e0b03eab5c2fbd
- SHA1
  
  a66a2111b8b351b10d0ceab4b97631d2c1b198b4
- SHA256
  
  62e1bb1f20e37793494d0111a493e74dba87fbbffcd325071dbd8a0011263aeb
- SHA512
  
  5a9403e28dc397475d03752c85ec71d226efa709684bd9a981ebc467bac5480456792652edc4d548232c4e67d6189e2bd09a00b524816d4a9977b0a5ace47bd1
- SSDEEP
  
  384:V1PyZNjtU2mqoJ/zTiquwjTTEPEIshjTVzEl1UyGh:VNyZrKMGkFstTJEl1g
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence