c262cbd025af8b2b215f2086d1099d0d40d75a2d07358f0f1e8fa292f434b281 | Triage

Sharing

General

Target

597b0e66df83b0b4808a72fb1a93895a.bin
Size

272KB
Sample

240115-cpxp8sfdgp
MD5

597b0e66df83b0b4808a72fb1a93895a
SHA1

55c6acd4c5461da7609d55049afaebecee07fca4
SHA256

c262cbd025af8b2b215f2086d1099d0d40d75a2d07358f0f1e8fa292f434b281
SHA512

ec1e038d6e95bfe0a9e1e8c6ca57dad925de148f1c80e38392f1dc699939939c67c1f20a34980269fc52a08613141c8c534ca6c2e7645fb947df6ae248906e01
SSDEEP

768:1CRQ3LifeRrTGfy/dsULRfw16vtjrbuRejJMBLV5cQGX3k:1CG+l+oAjWRAaBLztGX0

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  597b0e66df83b0b4808a72fb1a93895a.bin
- Size
  
  272KB
- MD5
  
  597b0e66df83b0b4808a72fb1a93895a
- SHA1
  
  55c6acd4c5461da7609d55049afaebecee07fca4
- SHA256
  
  c262cbd025af8b2b215f2086d1099d0d40d75a2d07358f0f1e8fa292f434b281
- SHA512
  
  ec1e038d6e95bfe0a9e1e8c6ca57dad925de148f1c80e38392f1dc699939939c67c1f20a34980269fc52a08613141c8c534ca6c2e7645fb947df6ae248906e01
- SSDEEP
  
  768:1CRQ3LifeRrTGfy/dsULRfw16vtjrbuRejJMBLV5cQGX3k:1CG+l+oAjWRAaBLztGX0
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence