7f0718d5946b921d9f4ceabfc50da27122fd6dba789511332092b2c108fbe33b | Triage

Sharing

General

Target

web.exe
Size

7.2MB
Sample

241001-znqlvszenr
MD5

7c09e1db507e1f479849d15049cb0ffa
SHA1

541fa39b69eea9019494cf9fe3c88187b5ad5373
SHA256

7f0718d5946b921d9f4ceabfc50da27122fd6dba789511332092b2c108fbe33b
SHA512

7a66ff9d1804b4d217ad6af83b2674fb7f2e37679e08ceaaa147d8a278beab246633956869287cbc1e7136a00b7139517adebf10cbdeaef3edff9aa2a0829a8a
SSDEEP

196608:8JCeVEyXMCHGLLc54i1wN+IjXx5nDasqWQ2dTNUGql2+iITxavM:6CeVEyXMCHWUjwjx5WsqWxTwrT8U

Score

8^/10

evasion persistence privilege_escalation pyinstaller

Malware Config

Targets

- Target
  
  web.exe
- Size
  
  7.2MB
- MD5
  
  7c09e1db507e1f479849d15049cb0ffa
- SHA1
  
  541fa39b69eea9019494cf9fe3c88187b5ad5373
- SHA256
  
  7f0718d5946b921d9f4ceabfc50da27122fd6dba789511332092b2c108fbe33b
- SHA512
  
  7a66ff9d1804b4d217ad6af83b2674fb7f2e37679e08ceaaa147d8a278beab246633956869287cbc1e7136a00b7139517adebf10cbdeaef3edff9aa2a0829a8a
- SSDEEP
  
  196608:8JCeVEyXMCHGLLc54i1wN+IjXx5nDasqWQ2dTNUGql2+iITxavM:6CeVEyXMCHWUjwjx5WsqWxTwrT8U
Score

8^/10

evasion persistence privilege_escalation
- Drops file in Drivers directory
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceprivilege_escalation