e16aa2b4dd7a4d9268ec8f524c165d28c52ed7d0b0bbe2b46f906d0e2da6ad01 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09dba9bc7c4ac042b36d4c3cfb4c2c76
Size

19KB
Sample

231230-bphqmshahj
MD5

09dba9bc7c4ac042b36d4c3cfb4c2c76
SHA1

766fbe6128037be32846f6e9b78d0aafbc4bd766
SHA256

e16aa2b4dd7a4d9268ec8f524c165d28c52ed7d0b0bbe2b46f906d0e2da6ad01
SHA512

09fa2fb3275cc4650d36def9cb2a625a87050101bff8ca293feb6a1ea9be913d54519fd06241018ca3d383a5cfa3de5af80a4f164fbacdd36683fda4cabda94a
SSDEEP

384:iau0NKw9Y3DjufHiJOWc8FaX9wviRoYEhzS5jstgzwmOYYOZbf:fu04TQiJONoY9wKL6zUrwmIM

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  09dba9bc7c4ac042b36d4c3cfb4c2c76
- Size
  
  19KB
- MD5
  
  09dba9bc7c4ac042b36d4c3cfb4c2c76
- SHA1
  
  766fbe6128037be32846f6e9b78d0aafbc4bd766
- SHA256
  
  e16aa2b4dd7a4d9268ec8f524c165d28c52ed7d0b0bbe2b46f906d0e2da6ad01
- SHA512
  
  09fa2fb3275cc4650d36def9cb2a625a87050101bff8ca293feb6a1ea9be913d54519fd06241018ca3d383a5cfa3de5af80a4f164fbacdd36683fda4cabda94a
- SSDEEP
  
  384:iau0NKw9Y3DjufHiJOWc8FaX9wviRoYEhzS5jstgzwmOYYOZbf:fu04TQiJONoY9wKL6zUrwmIM
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence