25d651872d338acae736cf7c9b6f65f88ff9740621bb135a68f51d7c4a09d34e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6caaf4b335155726ac3cec4b8702e49
Size

420KB
Sample

240319-wwfj3sag89
MD5

d6caaf4b335155726ac3cec4b8702e49
SHA1

25d6d1e5782e03dc4b27b0d90b8470cbec52e3bc
SHA256

25d651872d338acae736cf7c9b6f65f88ff9740621bb135a68f51d7c4a09d34e
SHA512

cc9fd056cc9d837a830ef13797a5dad7c2bca5e4bad486313f91ca37ae1db866e7f7f86a3589fdf6ff85ae68fed82a1fd72cf4e6377b60374fe36efabc246e5f
SSDEEP

6144:zK3HTNGVvHI2zBHng5HaVsbZgRnyR4mULJhkHM6jI7H1D7puVSQ:23HcVvo21ga0aQ4HLJhkHM6jI7VD7wl

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  d6caaf4b335155726ac3cec4b8702e49
- Size
  
  420KB
- MD5
  
  d6caaf4b335155726ac3cec4b8702e49
- SHA1
  
  25d6d1e5782e03dc4b27b0d90b8470cbec52e3bc
- SHA256
  
  25d651872d338acae736cf7c9b6f65f88ff9740621bb135a68f51d7c4a09d34e
- SHA512
  
  cc9fd056cc9d837a830ef13797a5dad7c2bca5e4bad486313f91ca37ae1db866e7f7f86a3589fdf6ff85ae68fed82a1fd72cf4e6377b60374fe36efabc246e5f
- SSDEEP
  
  6144:zK3HTNGVvHI2zBHng5HaVsbZgRnyR4mULJhkHM6jI7H1D7puVSQ:23HcVvo21ga0aQ4HLJhkHM6jI7VD7wl
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Adds policy Run key to start application
  persistence
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence