95617afeddb10654725d3d94f14fb07eff170f625daa0d0e5d29f4aafdb04bf0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccc4daf8535a6396357fbc629b8d0dd2
Size

49KB
Sample

240316-bx2tgsac95
MD5

ccc4daf8535a6396357fbc629b8d0dd2
SHA1

750986b0a5841f95ebb0bd1ab5ffe0802d99d25b
SHA256

95617afeddb10654725d3d94f14fb07eff170f625daa0d0e5d29f4aafdb04bf0
SHA512

d8144c893a79651327233791b2c3bd99f6c1c3f986d4669cbfafe81d7d08e43cf626902a63fbadd80b5015a03f9d7c13112ab90cf6867e562ade9e6504b06d7e
SSDEEP

1536:8HxpVW5KT0YfPSI/D3oJS8nuB56DWP7D2sah:adPSusJhnwEWPn2L

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ccc4daf8535a6396357fbc629b8d0dd2
- Size
  
  49KB
- MD5
  
  ccc4daf8535a6396357fbc629b8d0dd2
- SHA1
  
  750986b0a5841f95ebb0bd1ab5ffe0802d99d25b
- SHA256
  
  95617afeddb10654725d3d94f14fb07eff170f625daa0d0e5d29f4aafdb04bf0
- SHA512
  
  d8144c893a79651327233791b2c3bd99f6c1c3f986d4669cbfafe81d7d08e43cf626902a63fbadd80b5015a03f9d7c13112ab90cf6867e562ade9e6504b06d7e
- SSDEEP
  
  1536:8HxpVW5KT0YfPSI/D3oJS8nuB56DWP7D2sah:adPSusJhnwEWPn2L
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence