General
Target: c761a14b7b8cb4b54cf7a007e1fd3a10N.exe
Size: 24KB
Sample: 240823-r2eshszepd
MD5: c761a14b7b8cb4b54cf7a007e1fd3a10
SHA1: 6bb477a9382c907380da342ae0327f647501ec5e
SHA256: f66f2bcf3ed6c866a71f7e0a8248d3913d6627ff55df171a3f869a5bc34be7dd
SHA512: 058e4dcfe4b0eecfc100e365c784ee6c69a13054d7a3ef8659e1c1c18706fd840548f597d7b5501bea2bbd32a089430b8f3fb75870ea63024ed2edfcc3ca6318
SSDEEP: 384:1dD9d6G4q6glPDFk/J8uDYBhHKuuRsPljjonjK1I5zgIl2f+Ic:1aaFkQrHFPljEjpdgIEA
Static task: static1
Behavioral task: behavioral1
  Sample: c761a14b7b8cb4b54cf7a007e1fd3a10N.dll
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: c761a14b7b8cb4b54cf7a007e1fd3a10N.dll
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c761a14b7b8cb4b54cf7a007e1fd3a10N.exe
Score: 10/10
Modifies firewall policy service
Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    AppInit DLLs: 1