3b53a8474f9732ee1555668a5acd02c534c9025b270d3d15319e3d2ef8c78a1b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5b61d55237c619b5dbe3e1f7cab7bcf
Size

149KB
Sample

240409-29sdpacg3x
MD5

b5b61d55237c619b5dbe3e1f7cab7bcf
SHA1

dffcbbf36104340174083250ae399ff9dd942779
SHA256

3b53a8474f9732ee1555668a5acd02c534c9025b270d3d15319e3d2ef8c78a1b
SHA512

6aea9c4a7eb6844aecd921e9e2f56185d2df36ee76044776dee8ab0ab2671dda872fd072447cc46a96443922f8211493f9a03b29ba461978af0c6bbba45c09f1
SSDEEP

3072:vbuMGq4hOSOVrjsvJGKrx1YhCneM0exXPIFeWPJM9CW3X:TGq4sHVfAdl1EuXPOeW29Ca

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  b5b61d55237c619b5dbe3e1f7cab7bcf
- Size
  
  149KB
- MD5
  
  b5b61d55237c619b5dbe3e1f7cab7bcf
- SHA1
  
  dffcbbf36104340174083250ae399ff9dd942779
- SHA256
  
  3b53a8474f9732ee1555668a5acd02c534c9025b270d3d15319e3d2ef8c78a1b
- SHA512
  
  6aea9c4a7eb6844aecd921e9e2f56185d2df36ee76044776dee8ab0ab2671dda872fd072447cc46a96443922f8211493f9a03b29ba461978af0c6bbba45c09f1
- SSDEEP
  
  3072:vbuMGq4hOSOVrjsvJGKrx1YhCneM0exXPIFeWPJM9CW3X:TGq4sHVfAdl1EuXPOeW29Ca
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2