ea9d3179ac9da0c37c890a3c43a0a84681b264418ccc647dd240823c7e6152fc | Triage

Sharing

General

Target

b787f06059820f3d96e8a8aaabfd693e
Size

321KB
Sample

240306-qxnzysca9t
MD5

b787f06059820f3d96e8a8aaabfd693e
SHA1

16ee749b3ffd10707937f659329f9fc5e6364b60
SHA256

ea9d3179ac9da0c37c890a3c43a0a84681b264418ccc647dd240823c7e6152fc
SHA512

12b98ab5bf9ca21ae78d495128a4f71109e89dcfcb31187416ae939d1f1b707de01c54721e24595d7c2bb69caade891d639cec05577a00c93ef0850c49082873
SSDEEP

6144:c4rjlbKLpBz/o6WhsjJ8wHljxFhfi9I9tMUle9IGnVrxPM/+EUn:c4XItWM/3Xhle53E

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  b787f06059820f3d96e8a8aaabfd693e
- Size
  
  321KB
- MD5
  
  b787f06059820f3d96e8a8aaabfd693e
- SHA1
  
  16ee749b3ffd10707937f659329f9fc5e6364b60
- SHA256
  
  ea9d3179ac9da0c37c890a3c43a0a84681b264418ccc647dd240823c7e6152fc
- SHA512
  
  12b98ab5bf9ca21ae78d495128a4f71109e89dcfcb31187416ae939d1f1b707de01c54721e24595d7c2bb69caade891d639cec05577a00c93ef0850c49082873
- SSDEEP
  
  6144:c4rjlbKLpBz/o6WhsjJ8wHljxFhfi9I9tMUle9IGnVrxPM/+EUn:c4XItWM/3Xhle53E
Score

8^/10

evasion persistence
- Disables taskbar notifications via registry modification
  evasion
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2