8d832500cbbace3075f07bee19197e7a1d4d809e74976edfe5ca381ff39bc04c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36d6995557f7171ab3a8dfba2665c83d
Size

272KB
Sample

231231-p4wspsfae8
MD5

36d6995557f7171ab3a8dfba2665c83d
SHA1

852cd7f8484c538537b41c9649b0853165d58307
SHA256

8d832500cbbace3075f07bee19197e7a1d4d809e74976edfe5ca381ff39bc04c
SHA512

04efafd820a8a5c4d65270d961a92e011321eb6a4db49d265b14c80d36d21fe9f9f4a1499edc3b9c9f635169a3532b402f3d8fbb7d39ad42edf1108c3ca1c09a
SSDEEP

6144:2rvZc23dWzCaE3lKs8Xh3V/yK9ioxgssZaT0y:oZc23dr3IsIacioxTWaT

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  36d6995557f7171ab3a8dfba2665c83d
- Size
  
  272KB
- MD5
  
  36d6995557f7171ab3a8dfba2665c83d
- SHA1
  
  852cd7f8484c538537b41c9649b0853165d58307
- SHA256
  
  8d832500cbbace3075f07bee19197e7a1d4d809e74976edfe5ca381ff39bc04c
- SHA512
  
  04efafd820a8a5c4d65270d961a92e011321eb6a4db49d265b14c80d36d21fe9f9f4a1499edc3b9c9f635169a3532b402f3d8fbb7d39ad42edf1108c3ca1c09a
- SSDEEP
  
  6144:2rvZc23dWzCaE3lKs8Xh3V/yK9ioxgssZaT0y:oZc23dr3IsIacioxTWaT
Score

8^/10

evasion persistence
- Disables taskbar notifications via registry modification
  evasion
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2