694c523f52f413055225e9bd8ff06e7d0c6ba8bc91b7ca54b9b8f9cc667e8ff0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.TScope.Trojan.MSIL.24551.20725.exe
Size

22KB
Sample

240306-mh78hagh4v
MD5

dc0a3066f049c381a4d0397dae77d629
SHA1

f600de59a5fc29881954262562896a44cd7c85bb
SHA256

694c523f52f413055225e9bd8ff06e7d0c6ba8bc91b7ca54b9b8f9cc667e8ff0
SHA512

3737258c8a527fdc839a88f7bf5c838af3b5d429f0cb7a33f6a285a942a2a0e897130dfbf64fd0135fad8bfba3e19196d45e127602392fcd8b61ac9f889045eb
SSDEEP

384:FZYRT4ItGi5gSM45d5W4MLRfTokY2ZWlumWv7ONWssCzYcCe:bYR8NieS7crWEDjC5zYcCe

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  SecuriteInfo.com.TScope.Trojan.MSIL.24551.20725.exe
- Size
  
  22KB
- MD5
  
  dc0a3066f049c381a4d0397dae77d629
- SHA1
  
  f600de59a5fc29881954262562896a44cd7c85bb
- SHA256
  
  694c523f52f413055225e9bd8ff06e7d0c6ba8bc91b7ca54b9b8f9cc667e8ff0
- SHA512
  
  3737258c8a527fdc839a88f7bf5c838af3b5d429f0cb7a33f6a285a942a2a0e897130dfbf64fd0135fad8bfba3e19196d45e127602392fcd8b61ac9f889045eb
- SSDEEP
  
  384:FZYRT4ItGi5gSM45d5W4MLRfTokY2ZWlumWv7ONWssCzYcCe:bYR8NieS7crWEDjC5zYcCe
Score

8^/10

evasion persistence
- Creates new service(s)
  persistence
- Stops running service(s)
  evasion
- Modifies system executable filetype association
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Change Default File Association

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Change Default File Association

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence