9e701f47f4e4bb10d9d58a0c49ad9be44b3a7aacc43cbc9ead57c8ee78b18a59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67da477faa92235371f05ad318afef02
Size

44KB
Sample

240119-rs8dgafgbj
MD5

67da477faa92235371f05ad318afef02
SHA1

c53a53bf86c5bffcefba216e98d9b2363dd187fa
SHA256

9e701f47f4e4bb10d9d58a0c49ad9be44b3a7aacc43cbc9ead57c8ee78b18a59
SHA512

2645598e004e84e4f486f27597849bd9a430f9fef986be817d401282e691cfcee6b1ce0d930b6e4d97beac1f0374a9042566d0c26c81ff4f6ac95afbe4f7635f
SSDEEP

768:DnuCOSYYhcrUglE/Lp8JjQSId36Ei367:bCSYYhcrUGuLp8Jju69K7

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  67da477faa92235371f05ad318afef02
- Size
  
  44KB
- MD5
  
  67da477faa92235371f05ad318afef02
- SHA1
  
  c53a53bf86c5bffcefba216e98d9b2363dd187fa
- SHA256
  
  9e701f47f4e4bb10d9d58a0c49ad9be44b3a7aacc43cbc9ead57c8ee78b18a59
- SHA512
  
  2645598e004e84e4f486f27597849bd9a430f9fef986be817d401282e691cfcee6b1ce0d930b6e4d97beac1f0374a9042566d0c26c81ff4f6ac95afbe4f7635f
- SSDEEP
  
  768:DnuCOSYYhcrUglE/Lp8JjQSId36Ei367:bCSYYhcrUGuLp8Jju69K7
Score

8^/10

evasion persistence
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence