e4d4ea9189736350d051644c8be38dbf016f32ec2af72ee6b28b0a32ebe77e3b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c92e8e49ceb2b9a61d80d522ebe054e1
Size

574KB
Sample

240314-vxnfmscb24
MD5

c92e8e49ceb2b9a61d80d522ebe054e1
SHA1

18872bcb35a081e506ef6ef00ab732e797666a83
SHA256

e4d4ea9189736350d051644c8be38dbf016f32ec2af72ee6b28b0a32ebe77e3b
SHA512

99fba147f6172fe036190f62fd5deb9eafb5fb9e6108f920621ae9d222aefbb6befe91a1859077f5c74b1cdfa7264305914bc95555c48cb91710c39f726ff0e7
SSDEEP

12288:K+u59lpJ2+asJSxu6e0rAfF/04hbrr39rkeR5vf2suYDGf4+I70NiBttt:K+u5vpJ2+bSxu+UfFs4BP39rk0zukG2

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  c92e8e49ceb2b9a61d80d522ebe054e1
- Size
  
  574KB
- MD5
  
  c92e8e49ceb2b9a61d80d522ebe054e1
- SHA1
  
  18872bcb35a081e506ef6ef00ab732e797666a83
- SHA256
  
  e4d4ea9189736350d051644c8be38dbf016f32ec2af72ee6b28b0a32ebe77e3b
- SHA512
  
  99fba147f6172fe036190f62fd5deb9eafb5fb9e6108f920621ae9d222aefbb6befe91a1859077f5c74b1cdfa7264305914bc95555c48cb91710c39f726ff0e7
- SSDEEP
  
  12288:K+u59lpJ2+asJSxu6e0rAfF/04hbrr39rkeR5vf2suYDGf4+I70NiBttt:K+u5vpJ2+bSxu+UfFs4BP39rk0zukG2
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2