General
-
Target
0158614b007740c5063cdefc1cd4b980
-
Size
23KB
-
Sample
231229-xwbfsscag4
-
MD5
0158614b007740c5063cdefc1cd4b980
-
SHA1
fe5211a153a3da12434d73f354aee3bddb5bfd80
-
SHA256
effe4874100cd0675ee5db921190fba8625ae020e6b4ea95d7cc8f2df5e077af
-
SHA512
db8669307d981ac947aa4f4f87e182a746d859f230806d56617ef027969f747d47b76864fb524afb480c39a89094c2aabeb4319733c6de321656329872f53e7a
-
SSDEEP
384:bPyZNjtU2mm4HlXoqbz6U8XaQiUFnsqhPjixjAJj8oPzxiC1/jkmLC:DyZn24qqU8qQdHuxE88xiC1/A7
Malware Config
Targets
-
-
Target
0158614b007740c5063cdefc1cd4b980
-
Size
23KB
-
MD5
0158614b007740c5063cdefc1cd4b980
-
SHA1
fe5211a153a3da12434d73f354aee3bddb5bfd80
-
SHA256
effe4874100cd0675ee5db921190fba8625ae020e6b4ea95d7cc8f2df5e077af
-
SHA512
db8669307d981ac947aa4f4f87e182a746d859f230806d56617ef027969f747d47b76864fb524afb480c39a89094c2aabeb4319733c6de321656329872f53e7a
-
SSDEEP
384:bPyZNjtU2mm4HlXoqbz6U8XaQiUFnsqhPjixjAJj8oPzxiC1/jkmLC:DyZn24qqU8qQdHuxE88xiC1/A7
Score10/10-
Modifies firewall policy service
-
Modifies AppInit DLL entries
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1