70cb39ef1ed95e4575fc6bbb4f9c7198324d613e40d41a73e6f8dfe90f314f12 | Triage

Sharing

General

Target

70cb39ef1ed95e4575fc6bbb4f9c7198324d613e40d41a73e6f8dfe90f314f12
Size

30KB
Sample

221002-2kndfadff6
MD5

71a1a1b553e65e986cda1f7ea4f19c90
SHA1

27a58fd84b9586990d4bb327351ca14a79ed0339
SHA256

70cb39ef1ed95e4575fc6bbb4f9c7198324d613e40d41a73e6f8dfe90f314f12
SHA512

87f5ec59c02f8f7b3630773cbfeb9613763af3dd449b75cec5ad1f8a32cb00fdac931e1143a09d5ce2b55aaf977ad7b9f7155c641f4a183db0e1786a28a53e24
SSDEEP

384:RXEyq7N30i1jg1guDU0XejcjUsBdYR2eK5fuzyrqn92oc/nAzBm3D0KokU:RXE7+yjoDUgBUsBmoGe7ocozU3vokU

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  70cb39ef1ed95e4575fc6bbb4f9c7198324d613e40d41a73e6f8dfe90f314f12
- Size
  
  30KB
- MD5
  
  71a1a1b553e65e986cda1f7ea4f19c90
- SHA1
  
  27a58fd84b9586990d4bb327351ca14a79ed0339
- SHA256
  
  70cb39ef1ed95e4575fc6bbb4f9c7198324d613e40d41a73e6f8dfe90f314f12
- SHA512
  
  87f5ec59c02f8f7b3630773cbfeb9613763af3dd449b75cec5ad1f8a32cb00fdac931e1143a09d5ce2b55aaf977ad7b9f7155c641f4a183db0e1786a28a53e24
- SSDEEP
  
  384:RXEyq7N30i1jg1guDU0XejcjUsBdYR2eK5fuzyrqn92oc/nAzBm3D0KokU:RXE7+yjoDUgBUsBmoGe7ocozU3vokU
Score

10^/10

evasion persistence
- Modifies system executable filetype association
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Sets DLL path for service in the registry
  persistence
- Sets service image path in registry
  persistence
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence