27a07c1223a22befabea283a4e1461815159af75fb4fcbc75871cde568f794e9 | Triage

Sharing

General

Target

27a07c1223a22befabea283a4e1461815159af75fb4fcbc75871cde568f794e9
Size

2.8MB
Sample

240504-1fe1tsbh9x
MD5

006e4dc41f220188de8219fba61f3d25
SHA1

fc7d7be8cfc82888c8d0ddcebc81a982188a10bd
SHA256

27a07c1223a22befabea283a4e1461815159af75fb4fcbc75871cde568f794e9
SHA512

389a9d56482a11dca5cd09c2a91e60af0130b04abc0e37394886ebf65aa0e93798b7daf19f361ccab10154c74189f37183fe262503481af03a2c6cba544e9f8d
SSDEEP

49152:vYKK62+3iIffNhaSYXLnuD9XoULmII6/W:QKQ+SaN2Xj29XoULmII3

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  27a07c1223a22befabea283a4e1461815159af75fb4fcbc75871cde568f794e9
- Size
  
  2.8MB
- MD5
  
  006e4dc41f220188de8219fba61f3d25
- SHA1
  
  fc7d7be8cfc82888c8d0ddcebc81a982188a10bd
- SHA256
  
  27a07c1223a22befabea283a4e1461815159af75fb4fcbc75871cde568f794e9
- SHA512
  
  389a9d56482a11dca5cd09c2a91e60af0130b04abc0e37394886ebf65aa0e93798b7daf19f361ccab10154c74189f37183fe262503481af03a2c6cba544e9f8d
- SSDEEP
  
  49152:vYKK62+3iIffNhaSYXLnuD9XoULmII6/W:QKQ+SaN2Xj29XoULmII3
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence