a1615a4e1adbb2b09624675a61eb63963c2e7cad6a7f966e6258963b84bfe777 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba2d373f0d9cfa146b965ede778b1dfd
Size

476KB
Sample

240308-bwyqface5w
MD5

ba2d373f0d9cfa146b965ede778b1dfd
SHA1

e1c29a2e9d218f1d20f5a92feb2d2571aee53b6e
SHA256

a1615a4e1adbb2b09624675a61eb63963c2e7cad6a7f966e6258963b84bfe777
SHA512

2a2c1e56df48d7eeb81a2ec44891608362eb593d9c9bec8ec8b2d8f0fbe386786d31c920231aff30dfc9a0f1064d14aec34e9c72e993875dd5a81ecf96179f23
SSDEEP

6144:Y9UyM13yNdqQhw5lmiNmg/4PlYvE+PkQlvxWrA0hP+gnipimHwDATK+cGYnn5/cP:RyM13y1hw5lTOYB0h89HwE+p5jEA

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ba2d373f0d9cfa146b965ede778b1dfd
- Size
  
  476KB
- MD5
  
  ba2d373f0d9cfa146b965ede778b1dfd
- SHA1
  
  e1c29a2e9d218f1d20f5a92feb2d2571aee53b6e
- SHA256
  
  a1615a4e1adbb2b09624675a61eb63963c2e7cad6a7f966e6258963b84bfe777
- SHA512
  
  2a2c1e56df48d7eeb81a2ec44891608362eb593d9c9bec8ec8b2d8f0fbe386786d31c920231aff30dfc9a0f1064d14aec34e9c72e993875dd5a81ecf96179f23
- SSDEEP
  
  6144:Y9UyM13yNdqQhw5lmiNmg/4PlYvE+PkQlvxWrA0hP+gnipimHwDATK+cGYnn5/cP:RyM13y1hw5lTOYB0h89HwE+p5jEA
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2