c66e1bd487a4b6cca57a595ee53dc7a0e6620a35cf00c0100fe2f0b61b91e992 | Triage

Sharing

General

Target

99d87e79ff9e2838b3f31d61b7aac31b
Size

3.7MB
Sample

240213-w7hhtagd55
MD5

99d87e79ff9e2838b3f31d61b7aac31b
SHA1

a2faa1bbc0662c4a9ff57941bf277859c0ab4a10
SHA256

c66e1bd487a4b6cca57a595ee53dc7a0e6620a35cf00c0100fe2f0b61b91e992
SHA512

2f42df8839156d06a800b5d71a8a98065236d8463c44ae363bec892da6cb87395c99343b0ee2004c8e2af5fa41c9ad121da7650efe1aba490053ef306f2ea1be
SSDEEP

98304:eWQ/IGJuz7nOdXvQEeiFKQ8Ktn0oN9zKgSTVgeovKkA5RPtyn7K:eAG8yNIEeDKtnlN9mgShg+PYn2

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  99d87e79ff9e2838b3f31d61b7aac31b
- Size
  
  3.7MB
- MD5
  
  99d87e79ff9e2838b3f31d61b7aac31b
- SHA1
  
  a2faa1bbc0662c4a9ff57941bf277859c0ab4a10
- SHA256
  
  c66e1bd487a4b6cca57a595ee53dc7a0e6620a35cf00c0100fe2f0b61b91e992
- SHA512
  
  2f42df8839156d06a800b5d71a8a98065236d8463c44ae363bec892da6cb87395c99343b0ee2004c8e2af5fa41c9ad121da7650efe1aba490053ef306f2ea1be
- SSDEEP
  
  98304:eWQ/IGJuz7nOdXvQEeiFKQ8Ktn0oN9zKgSTVgeovKkA5RPtyn7K:eAG8yNIEeDKtnlN9mgShg+PYn2
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence