6144f955f35addc613fd736fe70f5c14b3d99f8199237e4db8f363d654576454 | Triage

Sharing

General

Target

VirusShare_acfb18c0f01e25f7b67c668a735bf9b7
Size

123KB
Sample

240204-pd4evsghc3
MD5

acfb18c0f01e25f7b67c668a735bf9b7
SHA1

520cc87d78d51f5aea6752c99217ecae9a1096ab
SHA256

6144f955f35addc613fd736fe70f5c14b3d99f8199237e4db8f363d654576454
SHA512

30a21d92666d306dc107c0fa633b0d1eb68bea08d07279f94dba0c0fbaa448b8f1d20239f784c73119f3227610996508e9ebdda5e7c7573cb30d6e3b5df76fcc
SSDEEP

3072:LPwDfVJN2qsUaM9XBzde38vRszEZiIMgh/l+q//kZM:TwDfDN2dUaMbPRszEwILR/8q

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  VirusShare_acfb18c0f01e25f7b67c668a735bf9b7
- Size
  
  123KB
- MD5
  
  acfb18c0f01e25f7b67c668a735bf9b7
- SHA1
  
  520cc87d78d51f5aea6752c99217ecae9a1096ab
- SHA256
  
  6144f955f35addc613fd736fe70f5c14b3d99f8199237e4db8f363d654576454
- SHA512
  
  30a21d92666d306dc107c0fa633b0d1eb68bea08d07279f94dba0c0fbaa448b8f1d20239f784c73119f3227610996508e9ebdda5e7c7573cb30d6e3b5df76fcc
- SSDEEP
  
  3072:LPwDfVJN2qsUaM9XBzde38vRszEZiIMgh/l+q//kZM:TwDfDN2dUaMbPRszEwILR/8q
Score

8^/10

evasion persistence
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence