1174995b7eca1869929bbc8026d17bb60cfa8310a570bd5611908caca15deead | Triage

Sharing

General

Target

45af3ee5c1252a150d1652574d6da322
Size

83KB
Sample

240106-jqd3vaceh5
MD5

45af3ee5c1252a150d1652574d6da322
SHA1

d28c518df33624496514f7ecdc16ffdf7ee19a26
SHA256

1174995b7eca1869929bbc8026d17bb60cfa8310a570bd5611908caca15deead
SHA512

e3554bddd6cccfd695583785356548dad0679efea9ded6a6f6eec481a378c4f9eb93ce50cb77bb0eeb53f8e76a5daed9eb7ba40d60a1de4614bbb62ef5461430
SSDEEP

1536:+ocEVv0azBsFgr4NYLrAA73xJKLMWngDKVeJqlTuo:7cGeyL/nKHngDKVeJqlSo

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  45af3ee5c1252a150d1652574d6da322
- Size
  
  83KB
- MD5
  
  45af3ee5c1252a150d1652574d6da322
- SHA1
  
  d28c518df33624496514f7ecdc16ffdf7ee19a26
- SHA256
  
  1174995b7eca1869929bbc8026d17bb60cfa8310a570bd5611908caca15deead
- SHA512
  
  e3554bddd6cccfd695583785356548dad0679efea9ded6a6f6eec481a378c4f9eb93ce50cb77bb0eeb53f8e76a5daed9eb7ba40d60a1de4614bbb62ef5461430
- SSDEEP
  
  1536:+ocEVv0azBsFgr4NYLrAA73xJKLMWngDKVeJqlTuo:7cGeyL/nKHngDKVeJqlSo
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence