70757a81d4584a446c66aa42b91d049986e2d9c73b58cd5e04fe1ea86e55082d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70757a81d4584a446c66aa42b91d049986e2d9c73b58cd5e04fe1ea86e55082d
Size

348KB
Sample

221028-2c3s6aachp
MD5

55a3db77d6cbea34d833ba294a56ef64
SHA1

b2b1cad9ce44e6d90cd31a4a72549e90f1082ad9
SHA256

70757a81d4584a446c66aa42b91d049986e2d9c73b58cd5e04fe1ea86e55082d
SHA512

29d1d6f68d57e837df04b2417891cc3a289275496baf0978de45630130bf1e7ff772858fd209f9798b9a46e06d80c600ad2a31de9288339b1695d8d30135487a
SSDEEP

3072:URQ3mPKKKKurTL1RP/PHgwtcpNg80Qs+fcu+hYLofoRApr4DAfdKtDx8Hgh1qnoE:xpNuQYLog6p4GYtDqHghbPVE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  70757a81d4584a446c66aa42b91d049986e2d9c73b58cd5e04fe1ea86e55082d
- Size
  
  348KB
- MD5
  
  55a3db77d6cbea34d833ba294a56ef64
- SHA1
  
  b2b1cad9ce44e6d90cd31a4a72549e90f1082ad9
- SHA256
  
  70757a81d4584a446c66aa42b91d049986e2d9c73b58cd5e04fe1ea86e55082d
- SHA512
  
  29d1d6f68d57e837df04b2417891cc3a289275496baf0978de45630130bf1e7ff772858fd209f9798b9a46e06d80c600ad2a31de9288339b1695d8d30135487a
- SSDEEP
  
  3072:URQ3mPKKKKurTL1RP/PHgwtcpNg80Qs+fcu+hYLofoRApr4DAfdKtDx8Hgh1qnoE:xpNuQYLog6p4GYtDqHghbPVE
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2