9424fd2d2836598521a802e1a66e741a9396a9d2d42336d99cad57d066653566 | Triage

Sharing

General

Target

7b754d6f8862bbaa6130edcb5c5ac8aa
Size

24KB
Sample

240127-2gqpdsdfg2
MD5

7b754d6f8862bbaa6130edcb5c5ac8aa
SHA1

d7684894136b6f9c29f5c96e6b9f3980136f015b
SHA256

9424fd2d2836598521a802e1a66e741a9396a9d2d42336d99cad57d066653566
SHA512

65ccc4506ab57d39cfd04b7e23b216b7c027a4cd5f1f30687f10794a323c897589c35b15330039583ea0e686b31bb348eff65ba0d855b54db486573972555080
SSDEEP

384:AQUPnisXB4HhpexbGAjFAG1h4VHUB+3hXr9DxTeiaRiaxOcvVIa:ATPnismHhpiXj+G12VHBpVxsiWNV9

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  7b754d6f8862bbaa6130edcb5c5ac8aa
- Size
  
  24KB
- MD5
  
  7b754d6f8862bbaa6130edcb5c5ac8aa
- SHA1
  
  d7684894136b6f9c29f5c96e6b9f3980136f015b
- SHA256
  
  9424fd2d2836598521a802e1a66e741a9396a9d2d42336d99cad57d066653566
- SHA512
  
  65ccc4506ab57d39cfd04b7e23b216b7c027a4cd5f1f30687f10794a323c897589c35b15330039583ea0e686b31bb348eff65ba0d855b54db486573972555080
- SSDEEP
  
  384:AQUPnisXB4HhpexbGAjFAG1h4VHUB+3hXr9DxTeiaRiaxOcvVIa:ATPnismHhpiXj+G12VHBpVxsiWNV9
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence