f4d92a24ad96dddbe7830271040742ca9483a4736b0ce751bc3c5db11c1ea133 | Triage

Sharing

General

Target

f4d92a24ad96dddbe7830271040742ca9483a4736b0ce751bc3c5db11c1ea133.exe
Size

64KB
Sample

241121-fwf8lsyqa1
MD5

05a51117b18bcf22ef4621033b8f9105
SHA1

38181bfcb678f73108c57b0c7b88b106fbf01653
SHA256

f4d92a24ad96dddbe7830271040742ca9483a4736b0ce751bc3c5db11c1ea133
SHA512

0ea40c86fc2af3c207c03ba04793cccbbadb7b4146def2607bedceeadcb2632808ba59f86eeaef3c22bf9d0703668a499d20f928a6edf74484bf298ec8699c78
SSDEEP

1536:DSY+A37feaCMJDmYsLIb4PvYqHB/AhtrDznGaCtiXxLMZ2xtATKel:DSDADeak7dJHB/Av3CQhW2xWTKel

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  f4d92a24ad96dddbe7830271040742ca9483a4736b0ce751bc3c5db11c1ea133.exe
- Size
  
  64KB
- MD5
  
  05a51117b18bcf22ef4621033b8f9105
- SHA1
  
  38181bfcb678f73108c57b0c7b88b106fbf01653
- SHA256
  
  f4d92a24ad96dddbe7830271040742ca9483a4736b0ce751bc3c5db11c1ea133
- SHA512
  
  0ea40c86fc2af3c207c03ba04793cccbbadb7b4146def2607bedceeadcb2632808ba59f86eeaef3c22bf9d0703668a499d20f928a6edf74484bf298ec8699c78
- SSDEEP
  
  1536:DSY+A37feaCMJDmYsLIb4PvYqHB/AhtrDznGaCtiXxLMZ2xtATKel:DSDADeak7dJHB/Av3CQhW2xWTKel
Score

10^/10

discovery evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion