4078eb0da789bd9078293270aa844198df61cee77cf5a1abba384ebaea5a1900 | Triage

Resubmissions

12/02/2024, 12:09

240212-pbwx1aee93 8

12/02/2024, 12:01

240212-n65b7aed95 8

Sharing

General

Target

New Compressed (zipped) Folder.zip
Size

4.1MB
Sample

240212-pbwx1aee93
MD5

98617c4e6c838a14ba72154bdc8680cd
SHA1

ecda88de21fddf6918dc593b9a57dbb90b849666
SHA256

4078eb0da789bd9078293270aa844198df61cee77cf5a1abba384ebaea5a1900
SHA512

70bf915a5d3a348b3c0ae17c9003a757701697dbfa9f0a53058c7466c9a10bf755607c85e8d527e54ed3b350cc85251977875357f3239ef53fa47ddaad7eef5a
SSDEEP

98304:BK1ecxFdpY0OI2wsPm5M9JpQ7aIfNTog9g44wcUtUaiOh2:Bx0dp995KJpQzfNGX

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  Loader.exe
- Size
  
  5.2MB
- MD5
  
  91cdbc8e1b2c630d55fd31727f035b0a
- SHA1
  
  b259d7de7507c08ac68c138a28179657820fce38
- SHA256
  
  ad7421222bcaddd68f3e875f6efa5b2a2c0ad0cfaaa41d52f789d2ece4fdbd96
- SHA512
  
  321449dbcab195d6bc55d1051b03ce1b7b83390abe9fbeaa11c5d5e43194b93db96d6f68e672d6318794f206ad2a69e3cf6c873cbfeb46ebd833e3bac1b11ca6
- SSDEEP
  
  98304:ly3GH9ciRzVvG949re0yUOOCayngG+FSY8dqVePmNhdHIpq0HhIqgW2htNEkCv5L:ly2dd3GW9q0yUOOhyS8AVePi0ZHhf2ho
Score

8^/10

evasion persistence
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence