ad2ba395a9c421d4132586083e6ce1a2239c2e07b14a548ea291b4e4ae3b7015 | Triage

Sharing

General

Target

6720e403822fb87e8da9644b271736a2
Size

948KB
Sample

240119-j461sahhcj
MD5

6720e403822fb87e8da9644b271736a2
SHA1

a42bfbd5b9a6d8a8c980853c0ef6243ae6a04b10
SHA256

ad2ba395a9c421d4132586083e6ce1a2239c2e07b14a548ea291b4e4ae3b7015
SHA512

30ac5db2b56587425ddc54cb695aa739031e5619b9254d767937a2c162f2571a7f0fdd1a3cd484a3edb4df9a256126468ebc2d81c3c6f6f2a697d33fd9ed336f
SSDEEP

12288:q9YoBXCUv1tCzgoKw5eVb/UCSVqm1HSIDOqc22GzNtz8UFiZGf6Jl5a63jQfNztm:qmfYSkoK0Cqwm1HSL222NC6QG63ENJA

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  6720e403822fb87e8da9644b271736a2
- Size
  
  948KB
- MD5
  
  6720e403822fb87e8da9644b271736a2
- SHA1
  
  a42bfbd5b9a6d8a8c980853c0ef6243ae6a04b10
- SHA256
  
  ad2ba395a9c421d4132586083e6ce1a2239c2e07b14a548ea291b4e4ae3b7015
- SHA512
  
  30ac5db2b56587425ddc54cb695aa739031e5619b9254d767937a2c162f2571a7f0fdd1a3cd484a3edb4df9a256126468ebc2d81c3c6f6f2a697d33fd9ed336f
- SSDEEP
  
  12288:q9YoBXCUv1tCzgoKw5eVb/UCSVqm1HSIDOqc22GzNtz8UFiZGf6Jl5a63jQfNztm:qmfYSkoK0Cqwm1HSL222NC6QG63ENJA
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence