07f2f2b9bc4b0d63deea27cd1aded585e17116e84e8b9252f3dcc48f969c08df | Triage

Sharing

General

Target

07f2f2b9bc4b0d63deea27cd1aded585e17116e84e8b9252f3dcc48f969c08df
Size

333KB
Sample

220919-xf68jaggdp
MD5

86d6a0830e781f014fe8fd9b0e4cc37b
SHA1

b4b0cf7d531c8b31dbad2650729a2958d7b04872
SHA256

07f2f2b9bc4b0d63deea27cd1aded585e17116e84e8b9252f3dcc48f969c08df
SHA512

1f0289c6c819ec83e7d351634a7f41fab3821c55709d42c373aa1ece3a5b786a91f932d32894a450eb34073a39203ad9b67f3e8af0268e6dbe3be11c68cb6bba
SSDEEP

6144:cDXDSBCCplr6eCjrcTTzAkHNVM7glqPuFci/i7w0S:cDXDS8CL2eCncEyflqPura4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  07f2f2b9bc4b0d63deea27cd1aded585e17116e84e8b9252f3dcc48f969c08df
- Size
  
  333KB
- MD5
  
  86d6a0830e781f014fe8fd9b0e4cc37b
- SHA1
  
  b4b0cf7d531c8b31dbad2650729a2958d7b04872
- SHA256
  
  07f2f2b9bc4b0d63deea27cd1aded585e17116e84e8b9252f3dcc48f969c08df
- SHA512
  
  1f0289c6c819ec83e7d351634a7f41fab3821c55709d42c373aa1ece3a5b786a91f932d32894a450eb34073a39203ad9b67f3e8af0268e6dbe3be11c68cb6bba
- SSDEEP
  
  6144:cDXDSBCCplr6eCjrcTTzAkHNVM7glqPuFci/i7w0S:cDXDS8CL2eCncEyflqPura4
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2