7770503c5021c14fde349eaf6d8ae9d36c8eca35ec1589ee5aead06b3de33f9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53e6eab5bf54ff8acc45092550e00a1d
Size

5.5MB
Sample

240111-szqbxabcc4
MD5

53e6eab5bf54ff8acc45092550e00a1d
SHA1

fda3c71b093af24f356ebefd2fdcb411aa542b0b
SHA256

7770503c5021c14fde349eaf6d8ae9d36c8eca35ec1589ee5aead06b3de33f9f
SHA512

cc4e8c21e83779eb6faac1adc64c5f837c65aae796f8cba5e916b7fdd5b9abcc4abcd5ff45965a00989128451a5e78af3315e889a8a7505e6f00fd3ceac31008
SSDEEP

98304:7uHPBwbu62ntT5h/eqIZLFdpTmbszcHCCZat9d6Z/iRvKNMzojGFHliavUQ7UWQk:0pwitntTvPI9pTKsgHCdV3CQoygaMx6

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  53e6eab5bf54ff8acc45092550e00a1d
- Size
  
  5.5MB
- MD5
  
  53e6eab5bf54ff8acc45092550e00a1d
- SHA1
  
  fda3c71b093af24f356ebefd2fdcb411aa542b0b
- SHA256
  
  7770503c5021c14fde349eaf6d8ae9d36c8eca35ec1589ee5aead06b3de33f9f
- SHA512
  
  cc4e8c21e83779eb6faac1adc64c5f837c65aae796f8cba5e916b7fdd5b9abcc4abcd5ff45965a00989128451a5e78af3315e889a8a7505e6f00fd3ceac31008
- SSDEEP
  
  98304:7uHPBwbu62ntT5h/eqIZLFdpTmbszcHCCZat9d6Z/iRvKNMzojGFHliavUQ7UWQk:0pwitntTvPI9pTKsgHCdV3CQoygaMx6
Score

8^/10

evasion persistence
- Stops running service(s)
  evasion
- Uses Session Manager for persistence
  Creates Session Manager registry key to run executable early in system boot.
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2