6e43dd34bd2f122865a63bd2a14c70fe13b24210be349b97fdc81c59ad0f21e5 | Triage

Sharing

General

Target

XieshisHydraVir.exe
Size

959KB
Sample

240706-3jmwysxdnq
MD5

f73a71a935eceddef6a5781f28a48e11
SHA1

e32579e3278fafc2b25ebd3480c5152797e9f02e
SHA256

6e43dd34bd2f122865a63bd2a14c70fe13b24210be349b97fdc81c59ad0f21e5
SHA512

e539f055056a256b591811861b8b73fa6935294a4d90b3696fb00dfb23a93f505e2112d6c3e0b0a681e0db7e52d6e17f246a3399613635617ae90f03f4ccad90
SSDEEP

3072:+e++5bh9fN2BNySnAg0o0gzE0u0gDSLKZIxbh9fN2BNySnAg0o0gzE0u0gDSLKZx:+ijNVZIxjNVZIxjNVZIxjNVZIXjNRdt

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  XieshisHydraVir.exe
- Size
  
  959KB
- MD5
  
  f73a71a935eceddef6a5781f28a48e11
- SHA1
  
  e32579e3278fafc2b25ebd3480c5152797e9f02e
- SHA256
  
  6e43dd34bd2f122865a63bd2a14c70fe13b24210be349b97fdc81c59ad0f21e5
- SHA512
  
  e539f055056a256b591811861b8b73fa6935294a4d90b3696fb00dfb23a93f505e2112d6c3e0b0a681e0db7e52d6e17f246a3399613635617ae90f03f4ccad90
- SSDEEP
  
  3072:+e++5bh9fN2BNySnAg0o0gzE0u0gDSLKZIxbh9fN2BNySnAg0o0gzE0u0gDSLKZx:+ijNVZIxjNVZIxjNVZIxjNVZIXjNRdt
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence