32fb4ba72431942d7df118f3a4163ba00a9c6647558dbb0524d3bc3cb2bf9db8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1403171a4947f37bf6e400f628c999a7
Size

304KB
Sample

231230-kzvbvsedek
MD5

1403171a4947f37bf6e400f628c999a7
SHA1

788e94ab0afac9f212ae7eb5f9e97ac35f77438e
SHA256

32fb4ba72431942d7df118f3a4163ba00a9c6647558dbb0524d3bc3cb2bf9db8
SHA512

cadf85d840b08e13929fa7e66ae30483c0fd452d957dbd16eea38cdbe77f2eb340c3a97a2a8aac219e7f3b3dea8e732044329ebbb02998bac7c3f0ee65ecabbf
SSDEEP

6144:sdqaKe/9f8AbGcdeoDW+/OWtb9yOPmeAVbfP1r4riA7AroW+nYaFyzf/H551Fjmr:sIy/9UtO2TW00UM5AEPoViJAndeyCp

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  1403171a4947f37bf6e400f628c999a7
- Size
  
  304KB
- MD5
  
  1403171a4947f37bf6e400f628c999a7
- SHA1
  
  788e94ab0afac9f212ae7eb5f9e97ac35f77438e
- SHA256
  
  32fb4ba72431942d7df118f3a4163ba00a9c6647558dbb0524d3bc3cb2bf9db8
- SHA512
  
  cadf85d840b08e13929fa7e66ae30483c0fd452d957dbd16eea38cdbe77f2eb340c3a97a2a8aac219e7f3b3dea8e732044329ebbb02998bac7c3f0ee65ecabbf
- SSDEEP
  
  6144:sdqaKe/9f8AbGcdeoDW+/OWtb9yOPmeAVbfP1r4riA7AroW+nYaFyzf/H551Fjmr:sIy/9UtO2TW00UM5AEPoViJAndeyCp
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2