9b1305fbc12e89e4e23910cb7867cf6ae9d53e7d425969cb92d184f0f5d1f8b9 | Triage

Sharing

General

Target

bc79c83aa79a4a56caf7abe575c37edb
Size

56KB
Sample

240309-wvp25afa5t
MD5

bc79c83aa79a4a56caf7abe575c37edb
SHA1

c6b3130b84d616dfee3ad2399734d1aae8f22038
SHA256

9b1305fbc12e89e4e23910cb7867cf6ae9d53e7d425969cb92d184f0f5d1f8b9
SHA512

f7e6f5cdb166b8d0d44e238c284b806b43198e96e291e51ead124075d2da7c31bff641fbfe8199b4a05e823fc31953c7e413b35f1581505e87eb9d0496ce7d48
SSDEEP

768:5GMcZW64cKMfLq2IRZwqXsZUn4YU1px2w/pQXoP7rEBrza:QMqWbcBC6sK2wxE8QBr+

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  bc79c83aa79a4a56caf7abe575c37edb
- Size
  
  56KB
- MD5
  
  bc79c83aa79a4a56caf7abe575c37edb
- SHA1
  
  c6b3130b84d616dfee3ad2399734d1aae8f22038
- SHA256
  
  9b1305fbc12e89e4e23910cb7867cf6ae9d53e7d425969cb92d184f0f5d1f8b9
- SHA512
  
  f7e6f5cdb166b8d0d44e238c284b806b43198e96e291e51ead124075d2da7c31bff641fbfe8199b4a05e823fc31953c7e413b35f1581505e87eb9d0496ce7d48
- SSDEEP
  
  768:5GMcZW64cKMfLq2IRZwqXsZUn4YU1px2w/pQXoP7rEBrza:QMqWbcBC6sK2wxE8QBr+
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence