fde8acf971cba70ca0b162718f2683ceee54320ecb1457fec612e7f0769126f7 | Triage

Sharing

General

Target

SandboxAnalysis_DownloadSample_141e0810297ed205ad354c172f5f49c9f426fc5c.zip
Size

136KB
Sample

241003-m856ts1and
MD5

9e71dbd63bd92a6c57ef7f236495cb43
SHA1

9979fdbebf90ba9f78a98573d2fd7ce1790fa06b
SHA256

fde8acf971cba70ca0b162718f2683ceee54320ecb1457fec612e7f0769126f7
SHA512

e56832f8930c46240be4208a2acb9a068d894ab70f87f3a9ed3b95f9dbc7977133ac43a497577ef2d865dd1b3c2edab50589b892c4f067aa95609a9c9f7fef8d
SSDEEP

3072:XsJ+H0cyFU8gEKXbLR1fg3PPtcjnfSKZijOtcM/oMKSe:XDUI8gEKXbFAajfCxM//K

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  4BFCDAB91905089E1F37D268519CE18BEBD385C83AC10E0DEF8D4CF5BD47752D
- Size
  
  212KB
- MD5
  
  47270a9d9119248e605c09b97f30814f
- SHA1
  
  141e0810297ed205ad354c172f5f49c9f426fc5c
- SHA256
  
  4bfcdab91905089e1f37d268519ce18bebd385c83ac10e0def8d4cf5bd47752d
- SHA512
  
  255397eac0e58a218cc862cd1a2e3fd00849eb39c4b4249718237ec95f9d1af239c0a28576eb380939459d87364c8f56a9cfe8aa9076f1ee4bc28b58e0821483
- SSDEEP
  
  3072:dEyEsrEpcMQhw/elabdxYBEsrE5cMQGxBcGy6v/yO9zEs11H:dJEVpcv/ab2EV5cvb8v/L9QC
Score

8^/10

discovery evasion persistence
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence