cb5fc35dd66afae158e3f3ed88392674bf01911b1c2e1b18448a2c304fca4988 | Triage

Sharing

General

Target

79a49c423e1529713458feb9c6aea0a4
Size

26KB
Sample

240127-jdcn9afha2
MD5

79a49c423e1529713458feb9c6aea0a4
SHA1

b8dce0ca5374b39b16553a3d58bfb5d5e08b70dd
SHA256

cb5fc35dd66afae158e3f3ed88392674bf01911b1c2e1b18448a2c304fca4988
SHA512

1ee401bca247da468d69adc4847b6633ace78200848a3c35bbfb42e8aa7aacec29ed83a9352a8b716993d179ee58457d362f630f3aa4001b8dc5c659ccc7bfed
SSDEEP

384:Z3wIRPwm9kQ4T6Pe5LdSA1+xQu36jHJp0W98gcSQs5rT/e0ca6oJURS3b2ra5b:BF594iSdSg0oxJB/MDS3im5

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  79a49c423e1529713458feb9c6aea0a4
- Size
  
  26KB
- MD5
  
  79a49c423e1529713458feb9c6aea0a4
- SHA1
  
  b8dce0ca5374b39b16553a3d58bfb5d5e08b70dd
- SHA256
  
  cb5fc35dd66afae158e3f3ed88392674bf01911b1c2e1b18448a2c304fca4988
- SHA512
  
  1ee401bca247da468d69adc4847b6633ace78200848a3c35bbfb42e8aa7aacec29ed83a9352a8b716993d179ee58457d362f630f3aa4001b8dc5c659ccc7bfed
- SSDEEP
  
  384:Z3wIRPwm9kQ4T6Pe5LdSA1+xQu36jHJp0W98gcSQs5rT/e0ca6oJURS3b2ra5b:BF594iSdSg0oxJB/MDS3im5
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence