857faa54b849086b1c191c06090fc0b29c584954dfd4f8b3194276cf1d3eecf7 | Triage

Sharing

General

Target

857faa54b849086b1c191c06090fc0b29c584954dfd4f8b3194276cf1d3eecf7
Size

44KB
Sample

240901-bz2aqsxfpb
MD5

14402f36f1bc445e2397af8ab5513e01
SHA1

5c09dc675478739b52a192ff8d0b2bf6d679f7dd
SHA256

857faa54b849086b1c191c06090fc0b29c584954dfd4f8b3194276cf1d3eecf7
SHA512

72c929162711f60b9e4dbb8ae68c713c7661ceeafb1eb97d2c91db8b2b27ed93fda0bc159687d30974a2d8fbad40f599a2387cb83fea36bfd54c47147dc5c3e9
SSDEEP

768:RXBbJbrMowTc400/l6XL5lNQkYXnPUdfotsXAcsuqrc9Qmdim7gkAvoeHCEZq2m7:RxtbrMrfgXL5lNQkYXnMAse2Tdim2NHC

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  2e55953f081dcca78557a5b8be0a7015b828b8ad013f3470ee4e432c7897f340
- Size
  
  68KB
- MD5
  
  26b2b049141a1121afd944b3b33681c2
- SHA1
  
  32df277749336581899f630bf11d36a70d68a592
- SHA256
  
  2e55953f081dcca78557a5b8be0a7015b828b8ad013f3470ee4e432c7897f340
- SHA512
  
  c52433eed1dbf78955c9358fdb4bf97dd3cd9a50eccb17d49426c8fda76805da70884bf662a274d69aef326af7714602c4234b388790fa1df65f230802500f2b
- SSDEEP
  
  1536:0txwjjK7lp27GjV3P1YVl3oyzrmg/t01fUS95vSVuE:kqjm+l4yzr9/t09US7SL
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion