c0438ef4720cebea9ffbf1919b01090d59e946abdbd977610e885612ec26fac6 | Triage

Sharing

General

Target

17a27bd4ba5168af5dff666ce34afe66.bin
Size

58KB
Sample

240629-bqmqzs1alm
MD5

17a27bd4ba5168af5dff666ce34afe66
SHA1

5162c94904ee7c5010e5c8ba70fa14f759b10421
SHA256

c0438ef4720cebea9ffbf1919b01090d59e946abdbd977610e885612ec26fac6
SHA512

fc6b1b07db35c25bb409375af929523af3a01ee30ff5fdca06643d3a962793cae54f54e55c7284aae7ccbe89b279b7e5b36a0fa4e85201fd0696d5206541a511
SSDEEP

384:TNmpna0RbFo7fXfTSqHShn1UyW0e2zoDMJvdS:Tcpa0xEfGqHSn1a0logJVS

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  17a27bd4ba5168af5dff666ce34afe66.bin
- Size
  
  58KB
- MD5
  
  17a27bd4ba5168af5dff666ce34afe66
- SHA1
  
  5162c94904ee7c5010e5c8ba70fa14f759b10421
- SHA256
  
  c0438ef4720cebea9ffbf1919b01090d59e946abdbd977610e885612ec26fac6
- SHA512
  
  fc6b1b07db35c25bb409375af929523af3a01ee30ff5fdca06643d3a962793cae54f54e55c7284aae7ccbe89b279b7e5b36a0fa4e85201fd0696d5206541a511
- SSDEEP
  
  384:TNmpna0RbFo7fXfTSqHShn1UyW0e2zoDMJvdS:Tcpa0xEfGqHSn1a0logJVS
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Disables use of System Restore points
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence