481489db470758e25ed02dfefd13765d5d3785073604f38cc3b2e8dab5c6f6c8 | Triage

Resubmissions

21-09-2024 00:08

240921-ae896swanh 8

21-09-2024 00:04

240921-acsjmsvhpb 8

20-09-2024 23:55

240920-3yxppswakl 8

Sharing

General

Target

usermode.exe
Size

474KB
Sample

240920-3yxppswakl
MD5

2c77c1520d4ee6edfd7cae3f9425883c
SHA1

e60c7b2c7d327cb503818b5e717fd2a5f1185e44
SHA256

481489db470758e25ed02dfefd13765d5d3785073604f38cc3b2e8dab5c6f6c8
SHA512

7174b76cf4fdb238c98a46cc0eba58c38b2e6ccbdb8493c69f606bc8defd0725bf350c9e69ba775e68bbc8a9e267138ab409c2662d95771274028eaa20c117d6
SSDEEP

12288:BdJOLUHJc3+LMvkO9sQkB8LatkTtdH3d1sUw1sUfn:BdJOLUHJc3+LMvkO9s67TtZ3d1sUw1sU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  usermode.exe
- Size
  
  474KB
- MD5
  
  2c77c1520d4ee6edfd7cae3f9425883c
- SHA1
  
  e60c7b2c7d327cb503818b5e717fd2a5f1185e44
- SHA256
  
  481489db470758e25ed02dfefd13765d5d3785073604f38cc3b2e8dab5c6f6c8
- SHA512
  
  7174b76cf4fdb238c98a46cc0eba58c38b2e6ccbdb8493c69f606bc8defd0725bf350c9e69ba775e68bbc8a9e267138ab409c2662d95771274028eaa20c117d6
- SSDEEP
  
  12288:BdJOLUHJc3+LMvkO9sQkB8LatkTtdH3d1sUw1sUfn:BdJOLUHJc3+LMvkO9s67TtZ3d1sUw1sU
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2