dfb5b62bba78bc765abe118b5ad37ed6215d62dc4e5697daf7c62314ce3920bc | Triage

Sharing

General

Target

e15203ec4f6d0c1755d999aa31daed2c
Size

30KB
Sample

240327-lavf1acc3v
MD5

e15203ec4f6d0c1755d999aa31daed2c
SHA1

4f5d35bd747732c45b0780e3175518fa40bc967a
SHA256

dfb5b62bba78bc765abe118b5ad37ed6215d62dc4e5697daf7c62314ce3920bc
SHA512

335cf80193b1f5a73782c33e3593e289567087e92a2ea6df87c42bcd7d3162becc35fc382e6ce62dd16f5257edfbd5115d0f3a9c20a3e48a4e126e9f34df8733
SSDEEP

768:jCHmSjdOj9BPoczaNPOwYtiW0YQw8LPO9gTRnn8C:2HCBQJVpYQZLPO9Cn8C

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e15203ec4f6d0c1755d999aa31daed2c
- Size
  
  30KB
- MD5
  
  e15203ec4f6d0c1755d999aa31daed2c
- SHA1
  
  4f5d35bd747732c45b0780e3175518fa40bc967a
- SHA256
  
  dfb5b62bba78bc765abe118b5ad37ed6215d62dc4e5697daf7c62314ce3920bc
- SHA512
  
  335cf80193b1f5a73782c33e3593e289567087e92a2ea6df87c42bcd7d3162becc35fc382e6ce62dd16f5257edfbd5115d0f3a9c20a3e48a4e126e9f34df8733
- SSDEEP
  
  768:jCHmSjdOj9BPoczaNPOwYtiW0YQw8LPO9gTRnn8C:2HCBQJVpYQZLPO9Cn8C
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence