a0552340be494fa0e5279901d59702a94dc7b9938344b826b501c95dc0665fd0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DashStub.exe
Size

318KB
Sample

241005-wx1awaydmk
MD5

a01e05577e68302dca8ffb299797488c
SHA1

114461ccafad42a32c5629273bdbdbb16ca9ada9
SHA256

a0552340be494fa0e5279901d59702a94dc7b9938344b826b501c95dc0665fd0
SHA512

2318c26f17598c934c999501f1b162edfb02c2a0fef0572bad698174e314e5d30ca3e409490e08c1ca962387b4148cd417fd8c37e7487555f637fd64d0fe9de1
SSDEEP

6144:01xxiw0qvLJXnlUGujCtjno6itQl+REw6FMG/UHQS8PUHIRA8yVYtFm6axHU5:6kqjVnl36ud0zR/6CtQ9PUHIG8Dn

Score

8^/10

defense_evasion discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  DashStub.exe
- Size
  
  318KB
- MD5
  
  a01e05577e68302dca8ffb299797488c
- SHA1
  
  114461ccafad42a32c5629273bdbdbb16ca9ada9
- SHA256
  
  a0552340be494fa0e5279901d59702a94dc7b9938344b826b501c95dc0665fd0
- SHA512
  
  2318c26f17598c934c999501f1b162edfb02c2a0fef0572bad698174e314e5d30ca3e409490e08c1ca962387b4148cd417fd8c37e7487555f637fd64d0fe9de1
- SSDEEP
  
  6144:01xxiw0qvLJXnlUGujCtjno6itQl+REw6FMG/UHQS8PUHIRA8yVYtFm6axHU5:6kqjVnl36ud0zR/6CtQ9PUHIG8Dn
Score

8^/10

defense_evasion discovery evasion persistence privilege_escalation trojan
- Modifies Windows Firewall
  evasion
- Checks whether UAC is enabled
  evasion trojan
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Access Token Manipulation

Create Process with Token

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Access Token Manipulation

Create Process with Token

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryevasionpersistenceprivilege_escalationtrojan