ee1960bb4e5e70471f8743d335a9b5417ea156d80c0e954fa66b430848d2f9fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e39201be5b564a932b9168e4eecbfbe.exe
Size

40KB
Sample

240109-wygvxsfcbn
MD5

4e39201be5b564a932b9168e4eecbfbe
SHA1

6f7faeb224606b65ac9e3354fa4ada8315e24b4c
SHA256

ee1960bb4e5e70471f8743d335a9b5417ea156d80c0e954fa66b430848d2f9fd
SHA512

8bfe8641388b6cdc7ecf3c37ac3c59607dc7729f282824c65a18300c49a0df327220b903853a90038dedd9d36b2ffb8d81520b185efcc4210186b3d1888ed696
SSDEEP

384:yS7hZ8ZyJDgvOTUqEVkoPp9VKThm2qvBHVr3J3abzVpqgqjEB9xMlIIrcOZWDB05:ySL8ZggiDEV59qwHVrQbzVpJglD4zj

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  4e39201be5b564a932b9168e4eecbfbe.exe
- Size
  
  40KB
- MD5
  
  4e39201be5b564a932b9168e4eecbfbe
- SHA1
  
  6f7faeb224606b65ac9e3354fa4ada8315e24b4c
- SHA256
  
  ee1960bb4e5e70471f8743d335a9b5417ea156d80c0e954fa66b430848d2f9fd
- SHA512
  
  8bfe8641388b6cdc7ecf3c37ac3c59607dc7729f282824c65a18300c49a0df327220b903853a90038dedd9d36b2ffb8d81520b185efcc4210186b3d1888ed696
- SSDEEP
  
  384:yS7hZ8ZyJDgvOTUqEVkoPp9VKThm2qvBHVr3J3abzVpqgqjEB9xMlIIrcOZWDB05:ySL8ZggiDEV59qwHVrQbzVpJglD4zj
Score

10^/10

evasion persistence
- Modifies security service
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence