3d9328ba22e7afde5ac34165c07dabf1f7d2c9ea2df2c80393248609b3842313 | Triage

Sharing

General

Target

Silviozas Premium Proxy.exe
Size

2.0MB
Sample

240820-pcyszs1bre
MD5

17c11665b8f2dfb8156b89a06b445802
SHA1

7e78b2c59f3bdb7f625aaf57d1b6d383a85fff1b
SHA256

3d9328ba22e7afde5ac34165c07dabf1f7d2c9ea2df2c80393248609b3842313
SHA512

89200ad7063db0ba7b677d2034bcefc9143acd8da0c8759a5400a7c08a60034014e8a2b10637edc1b73c79ce8f98c00978dc491b59dbc79d66cd04e7bd55e236
SSDEEP

49152:bYF2c018Cl7NzHXFcBuXIw89MFYHy2pHiin1rk6NMKr:bYF2cArNFU8IwFFYHy2pCit/Nxr

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Silviozas Premium Proxy.exe
- Size
  
  2.0MB
- MD5
  
  17c11665b8f2dfb8156b89a06b445802
- SHA1
  
  7e78b2c59f3bdb7f625aaf57d1b6d383a85fff1b
- SHA256
  
  3d9328ba22e7afde5ac34165c07dabf1f7d2c9ea2df2c80393248609b3842313
- SHA512
  
  89200ad7063db0ba7b677d2034bcefc9143acd8da0c8759a5400a7c08a60034014e8a2b10637edc1b73c79ce8f98c00978dc491b59dbc79d66cd04e7bd55e236
- SSDEEP
  
  49152:bYF2c018Cl7NzHXFcBuXIw89MFYHy2pHiin1rk6NMKr:bYF2cArNFU8IwFFYHy2pCit/Nxr
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2