35885025fc4fc449136bbc933843d1cca8c476b40d90b9b1e82e376bd33e45c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35885025fc4fc449136bbc933843d1cca8c476b40d90b9b1e82e376bd33e45c8.exe
Size

206KB
Sample

240704-dqqhzs1frr
MD5

7ae19af7c28af870c0351096640602a0
SHA1

4fdba8fbc644f7b9a45166e91e9242299e1a6daf
SHA256

35885025fc4fc449136bbc933843d1cca8c476b40d90b9b1e82e376bd33e45c8
SHA512

96d445443c7e74ff86fc0b6055c959dd6ae9364623672d77069d9e0c77b5402de281219a0d7baf598dfeb46e2b8263621fce8c188b432cbe56f08f1222f2684c
SSDEEP

3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unh:zvEN2U+T6i5LirrllHy4HUcMQY6M

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  35885025fc4fc449136bbc933843d1cca8c476b40d90b9b1e82e376bd33e45c8.exe
- Size
  
  206KB
- MD5
  
  7ae19af7c28af870c0351096640602a0
- SHA1
  
  4fdba8fbc644f7b9a45166e91e9242299e1a6daf
- SHA256
  
  35885025fc4fc449136bbc933843d1cca8c476b40d90b9b1e82e376bd33e45c8
- SHA512
  
  96d445443c7e74ff86fc0b6055c959dd6ae9364623672d77069d9e0c77b5402de281219a0d7baf598dfeb46e2b8263621fce8c188b432cbe56f08f1222f2684c
- SSDEEP
  
  3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unh:zvEN2U+T6i5LirrllHy4HUcMQY6M
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence