958e98cd981e7b8c9ed4253cdd098e03c5bf2cc5ce8ff146cbc7eadfc7e05406 | Triage

Sharing

General

Target

AppxSip.dll
Size

93KB
Sample

240526-qd1jmsgb42
MD5

3a91ae889f89fb8178f83ed516e58007
SHA1

d07f7a2213a7345fe561da4e3a91aee778b03798
SHA256

958e98cd981e7b8c9ed4253cdd098e03c5bf2cc5ce8ff146cbc7eadfc7e05406
SHA512

1e1082460b9987d73ec5444afa23f96f70427f79d68769161e853b0b9cfdfa02b7b5c6889c20726652e1dd3aa13bdd3b239f82a06303bd75b802b8896bfc60d4
SSDEEP

1536:nMXD1qNcTJVmH7REratw5bJyR8lvK1DTnpofc3c:nMXD0YmFl1wvEvpoE3

Score

8^/10

Malware Config

Targets

- Target
  
  AppxSip.dll
- Size
  
  93KB
- MD5
  
  3a91ae889f89fb8178f83ed516e58007
- SHA1
  
  d07f7a2213a7345fe561da4e3a91aee778b03798
- SHA256
  
  958e98cd981e7b8c9ed4253cdd098e03c5bf2cc5ce8ff146cbc7eadfc7e05406
- SHA512
  
  1e1082460b9987d73ec5444afa23f96f70427f79d68769161e853b0b9cfdfa02b7b5c6889c20726652e1dd3aa13bdd3b239f82a06303bd75b802b8896bfc60d4
- SSDEEP
  
  1536:nMXD1qNcTJVmH7REratw5bJyR8lvK1DTnpofc3c:nMXD0YmFl1wvEvpoE3
Score

8^/10
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2