21ae9a58d4336afe1c273e311bf945e4b4f53ea002be191eb763a957d9e05b6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e960e814102daa326b007b2ccd6f16e6.exe
Size

184KB
Sample

240109-wspctafadk
MD5

e960e814102daa326b007b2ccd6f16e6
SHA1

cc40cdce9bb0bb5b04b6a86cb8d8df2354b3f20b
SHA256

21ae9a58d4336afe1c273e311bf945e4b4f53ea002be191eb763a957d9e05b6d
SHA512

c91a70070d42929149ad742ee740a656d3b73daa0f92293c7d6a766ed7c568482f356509691b8fc25328d706cbbf1ac5f4c8d93287ed701db2693ddeea1b21ee
SSDEEP

3072:FI5TBOv9YUdtG716ennADVeMfcRAGKB+uMTEd1CT:Fi2u1tnADVhERAGKB+uSEd

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e960e814102daa326b007b2ccd6f16e6.exe
- Size
  
  184KB
- MD5
  
  e960e814102daa326b007b2ccd6f16e6
- SHA1
  
  cc40cdce9bb0bb5b04b6a86cb8d8df2354b3f20b
- SHA256
  
  21ae9a58d4336afe1c273e311bf945e4b4f53ea002be191eb763a957d9e05b6d
- SHA512
  
  c91a70070d42929149ad742ee740a656d3b73daa0f92293c7d6a766ed7c568482f356509691b8fc25328d706cbbf1ac5f4c8d93287ed701db2693ddeea1b21ee
- SSDEEP
  
  3072:FI5TBOv9YUdtG716ennADVeMfcRAGKB+uMTEd1CT:Fi2u1tnADVhERAGKB+uSEd
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2