7a80c60486c158a31f6608753443fc0e519b98e9ee061bc68165449993195107 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdd74815f33a3c02c9c0737fac4e6125
Size

20KB
Sample

240316-mnzhjshc3w
MD5

cdd74815f33a3c02c9c0737fac4e6125
SHA1

8854f922d62653b1a9e3d4a33d4a9ac5d9f69e1d
SHA256

7a80c60486c158a31f6608753443fc0e519b98e9ee061bc68165449993195107
SHA512

30cce1a0b9c0efa882f745e7ad7ef5b1c90abbec5b1ad5f50dbd8577147e630fac0f8df4339bdf1d59cd840be247ebac45678217ba809aac298beca7a0bfbd56
SSDEEP

384:X9Or5NKZ2Clws0UF0UHgCGyMwb7vfq9jnjpD2lmzxuQYYOdwgR:XEr5k1brACrMwb736jjV2lWxu+a

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cdd74815f33a3c02c9c0737fac4e6125
- Size
  
  20KB
- MD5
  
  cdd74815f33a3c02c9c0737fac4e6125
- SHA1
  
  8854f922d62653b1a9e3d4a33d4a9ac5d9f69e1d
- SHA256
  
  7a80c60486c158a31f6608753443fc0e519b98e9ee061bc68165449993195107
- SHA512
  
  30cce1a0b9c0efa882f745e7ad7ef5b1c90abbec5b1ad5f50dbd8577147e630fac0f8df4339bdf1d59cd840be247ebac45678217ba809aac298beca7a0bfbd56
- SSDEEP
  
  384:X9Or5NKZ2Clws0UF0UHgCGyMwb7vfq9jnjpD2lmzxuQYYOdwgR:XEr5k1brACrMwb736jjV2lWxu+a
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Modifies AppInit DLL entries
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence