e680be65d92f0c4b3b9c9caad2ddebbc6d5ba3dd2023a934d8b96658d26c8b50 | Triage

Sharing

General

Target

e680be65d92f0c4b3b9c9caad2ddebbc6d5ba3dd2023a934d8b96658d26c8b50
Size

135KB
Sample

240425-fag8safd97
MD5

1d0a66f30196a3f2590cd3d9e4f797d9
SHA1

75e713603788c63e69610922a1c9f2e1472e9e94
SHA256

e680be65d92f0c4b3b9c9caad2ddebbc6d5ba3dd2023a934d8b96658d26c8b50
SHA512

fd370dd449a5f0dcc2b389bf32433c97147c1560c53e5fbd00f7314a90ecbbb3b37a9e69ce80f59ab3e376bb26dfcbc8ba1b428fc2dc7ffb65bebac908a96d1e
SSDEEP

1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVIU:UVqoCl/YgjxEufVU0TbTyDDal+U

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e680be65d92f0c4b3b9c9caad2ddebbc6d5ba3dd2023a934d8b96658d26c8b50
- Size
  
  135KB
- MD5
  
  1d0a66f30196a3f2590cd3d9e4f797d9
- SHA1
  
  75e713603788c63e69610922a1c9f2e1472e9e94
- SHA256
  
  e680be65d92f0c4b3b9c9caad2ddebbc6d5ba3dd2023a934d8b96658d26c8b50
- SHA512
  
  fd370dd449a5f0dcc2b389bf32433c97147c1560c53e5fbd00f7314a90ecbbb3b37a9e69ce80f59ab3e376bb26dfcbc8ba1b428fc2dc7ffb65bebac908a96d1e
- SSDEEP
  
  1536:UfsEqouTRcG/Mzvgf7xEuvnXNTRdUzwTekUOisZ1yDDajtXbVIU:UVqoCl/YgjxEufVU0TbTyDDal+U
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence