ba74b6a1a5051cf4a7e51b14f6a8caa491cc3d91e63898c524fbe5fd5f387e3a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

033ecb36e95282de7f92d54f6c81d3a2
Size

51KB
Sample

231229-zbv1tagdg6
MD5

033ecb36e95282de7f92d54f6c81d3a2
SHA1

10ae0b09fa2840b1938a445ce95ad81b5b7c851e
SHA256

ba74b6a1a5051cf4a7e51b14f6a8caa491cc3d91e63898c524fbe5fd5f387e3a
SHA512

0a6713ca1db166dceee22233b89749744a6251d6a2f1b65050457d6618f3ea4bc81e4f514f87f46a0dd130a348ff7dbc824b2490bff339d31c5acbeddc7f802a
SSDEEP

768:fzcbRyDqDeFpZaQhXgJHZLrTq+HHetyP1+4xw/8lUBgEoCxmOdrCCQFq5552e1W9:fzfeDeTZaQVErlHeAY5kygmzkkLcN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  033ecb36e95282de7f92d54f6c81d3a2
- Size
  
  51KB
- MD5
  
  033ecb36e95282de7f92d54f6c81d3a2
- SHA1
  
  10ae0b09fa2840b1938a445ce95ad81b5b7c851e
- SHA256
  
  ba74b6a1a5051cf4a7e51b14f6a8caa491cc3d91e63898c524fbe5fd5f387e3a
- SHA512
  
  0a6713ca1db166dceee22233b89749744a6251d6a2f1b65050457d6618f3ea4bc81e4f514f87f46a0dd130a348ff7dbc824b2490bff339d31c5acbeddc7f802a
- SSDEEP
  
  768:fzcbRyDqDeFpZaQhXgJHZLrTq+HHetyP1+4xw/8lUBgEoCxmOdrCCQFq5552e1W9:fzfeDeTZaQVErlHeAY5kygmzkkLcN
Score

8^/10

persistence
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2