f1ea84962eb6754cd1db5f3194f4965e1471348a6cdf52e704c1de9893369716 | Triage

Sharing

General

Target

004ad8caf0a1a40a71a98447763586b2
Size

512KB
Sample

231229-wyz2hahaen
MD5

004ad8caf0a1a40a71a98447763586b2
SHA1

18b8b4f5b041ad306f8ba0c8a235f3798b55b09b
SHA256

f1ea84962eb6754cd1db5f3194f4965e1471348a6cdf52e704c1de9893369716
SHA512

e5f8faa318673b6e26781b078881342e7ecbc35acbdf44b75c7fde730787f2518b645f548aa4636226b1dca1ed104e84bbe68bbd8711af6af565379fbc0ba9b2
SSDEEP

384:AUOr5NKZ2K1I1KmPuL3T0gwB6U41fuJV4j18QYEjtMh5CezEyBYYOluf0j:0r5kWKo/8Uaf0YWQZy5REyFr+

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  004ad8caf0a1a40a71a98447763586b2
- Size
  
  512KB
- MD5
  
  004ad8caf0a1a40a71a98447763586b2
- SHA1
  
  18b8b4f5b041ad306f8ba0c8a235f3798b55b09b
- SHA256
  
  f1ea84962eb6754cd1db5f3194f4965e1471348a6cdf52e704c1de9893369716
- SHA512
  
  e5f8faa318673b6e26781b078881342e7ecbc35acbdf44b75c7fde730787f2518b645f548aa4636226b1dca1ed104e84bbe68bbd8711af6af565379fbc0ba9b2
- SSDEEP
  
  384:AUOr5NKZ2K1I1KmPuL3T0gwB6U41fuJV4j18QYEjtMh5CezEyBYYOluf0j:0r5kWKo/8Uaf0YWQZy5REyFr+
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence