General
-
Target
1069495f653078a8051bda0353575790
-
Size
120KB
-
Sample
231230-gkclqaafe5
-
MD5
1069495f653078a8051bda0353575790
-
SHA1
e2f7f5f6a492c8e0e832f5b97b5ebdd92150c2a2
-
SHA256
55c729f2c9c1b66332c92d1d643573edd9b660bd806afa30db57b5f1e49ec67f
-
SHA512
c98d47c7aa7f4c023dfa66b93fffd17b39e37720e069338883f7a64dc9ccd0b6f1f0e84507533562756b9644f373186339de88d2a40dfdcee4e32d05ec484734
-
SSDEEP
1536:UixUazxHSf4qCQjG/j4VBRgE2j4fYrI/tKf9kcMSG1VAmaXt5F75/QrAS:J1ODw4nRgFZBMSGPoXXYMS
Malware Config
Targets
-
-
Target
1069495f653078a8051bda0353575790
-
Size
120KB
-
MD5
1069495f653078a8051bda0353575790
-
SHA1
e2f7f5f6a492c8e0e832f5b97b5ebdd92150c2a2
-
SHA256
55c729f2c9c1b66332c92d1d643573edd9b660bd806afa30db57b5f1e49ec67f
-
SHA512
c98d47c7aa7f4c023dfa66b93fffd17b39e37720e069338883f7a64dc9ccd0b6f1f0e84507533562756b9644f373186339de88d2a40dfdcee4e32d05ec484734
-
SSDEEP
1536:UixUazxHSf4qCQjG/j4VBRgE2j4fYrI/tKf9kcMSG1VAmaXt5F75/QrAS:J1ODw4nRgFZBMSGPoXXYMS
Score10/10-
Modifies firewall policy service
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
2Windows Service
2