5a911be4a93750ad02b0070fc52af190c178d884d2291546ece8b30718bcb1c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b449c89b8bf48cbda3f85135d80c447
Size

72KB
Sample

231231-2tl7qsfehn
MD5

3b449c89b8bf48cbda3f85135d80c447
SHA1

d6112e90ee0c02b8f5c1d71682c09a02d5ee5f23
SHA256

5a911be4a93750ad02b0070fc52af190c178d884d2291546ece8b30718bcb1c1
SHA512

71f96ece9587797bac680e67750db9eb9163fb35fcf817eddc143dcabef46bb564a9dfae3f050025fbea930539073e4c33038d1940ef80316764b025b4dd7e07
SSDEEP

768:M9Y4gWpJqddHs/FcpgwgN4Yle9JwVnHkB9/fq6WIuX548SgrXI8z5pm1EjK8OHuz:fYcGbNMdfq6WzX54rgDr52TYIseU7r

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  3b449c89b8bf48cbda3f85135d80c447
- Size
  
  72KB
- MD5
  
  3b449c89b8bf48cbda3f85135d80c447
- SHA1
  
  d6112e90ee0c02b8f5c1d71682c09a02d5ee5f23
- SHA256
  
  5a911be4a93750ad02b0070fc52af190c178d884d2291546ece8b30718bcb1c1
- SHA512
  
  71f96ece9587797bac680e67750db9eb9163fb35fcf817eddc143dcabef46bb564a9dfae3f050025fbea930539073e4c33038d1940ef80316764b025b4dd7e07
- SSDEEP
  
  768:M9Y4gWpJqddHs/FcpgwgN4Yle9JwVnHkB9/fq6WIuX548SgrXI8z5pm1EjK8OHuz:fYcGbNMdfq6WzX54rgDr52TYIseU7r
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence