a3357e7ea44e4d30304b1e5a4f53da37c848ce10fda0bd03a4f0dc0c5220e336 | Triage

Sharing

General

Target

a3357e7ea44e4d30304b1e5a4f53da37c848ce10fda0bd03a4f0dc0c5220e336
Size

397KB
Sample

240319-xlxw2sch7t
MD5

6f593dbea0a8703af52bd66f582251a4
SHA1

2201a210e9680ec079b08bdb1da6d23112d87dcc
SHA256

a3357e7ea44e4d30304b1e5a4f53da37c848ce10fda0bd03a4f0dc0c5220e336
SHA512

97ebc0b7f27a76efead93fce05a8d059b4c6629e6348d5d4b728ed910ab00848b44737c6b5a48ac070d62a1da9273fc72b809fcf36bd17afb573fccc33d5aa73
SSDEEP

6144:rqJycjfxGqz7J1Bn+F7potY9kxqqJrNzS:rq8cj5fR+MO9kPJrhS

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  a3357e7ea44e4d30304b1e5a4f53da37c848ce10fda0bd03a4f0dc0c5220e336
- Size
  
  397KB
- MD5
  
  6f593dbea0a8703af52bd66f582251a4
- SHA1
  
  2201a210e9680ec079b08bdb1da6d23112d87dcc
- SHA256
  
  a3357e7ea44e4d30304b1e5a4f53da37c848ce10fda0bd03a4f0dc0c5220e336
- SHA512
  
  97ebc0b7f27a76efead93fce05a8d059b4c6629e6348d5d4b728ed910ab00848b44737c6b5a48ac070d62a1da9273fc72b809fcf36bd17afb573fccc33d5aa73
- SSDEEP
  
  6144:rqJycjfxGqz7J1Bn+F7potY9kxqqJrNzS:rq8cj5fR+MO9kPJrhS
Score

8^/10

evasion persistence
- Sets file execution options in registry
  persistence
- Modifies powershell logging option
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence