c35fc58abaaf7b5eedb55dbeb8e495960878d89c26b68c8f4f7cbca4690d4200 | Triage

Sharing

General

Target

c35fc58abaaf7b5eedb55dbeb8e495960878d89c26b68c8f4f7cbca4690d4200
Size

135KB
Sample

240422-dezbraeh7x
MD5

8e54bcbc6d7c3c11ce5a058463f02a6f
SHA1

867552607510068f384c9d6986947fa63c3c9768
SHA256

c35fc58abaaf7b5eedb55dbeb8e495960878d89c26b68c8f4f7cbca4690d4200
SHA512

b072a96e130a26f0663eedca29b42fa169607a54a4241193562f9a58a21a6ae5352624172e25fc4e2e21cfdda32b9c14b1332b019be60018ced6ba066285e986
SSDEEP

1536:XfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbgtx:XVqoCl/YgjxEufVU0TbTyDDalqx

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  c35fc58abaaf7b5eedb55dbeb8e495960878d89c26b68c8f4f7cbca4690d4200
- Size
  
  135KB
- MD5
  
  8e54bcbc6d7c3c11ce5a058463f02a6f
- SHA1
  
  867552607510068f384c9d6986947fa63c3c9768
- SHA256
  
  c35fc58abaaf7b5eedb55dbeb8e495960878d89c26b68c8f4f7cbca4690d4200
- SHA512
  
  b072a96e130a26f0663eedca29b42fa169607a54a4241193562f9a58a21a6ae5352624172e25fc4e2e21cfdda32b9c14b1332b019be60018ced6ba066285e986
- SSDEEP
  
  1536:XfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbgtx:XVqoCl/YgjxEufVU0TbTyDDalqx
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence