70ef86554b0c0d5e033c90ffc7a9b9cc226a7b04cc48f592e9497c2e21ffd381 | Triage

Sharing

General

Target

70ef86554b0c0d5e033c90ffc7a9b9cc226a7b04cc48f592e9497c2e21ffd381
Size

96KB
Sample

221201-dx8cdaae66
MD5

e5be71577d84bbffa67d2c3017afdf54
SHA1

9af1344ecb4c5f1d47804f229b5a06d32017361f
SHA256

70ef86554b0c0d5e033c90ffc7a9b9cc226a7b04cc48f592e9497c2e21ffd381
SHA512

2597aeb09949afbc3e141df0dd751cc40a9d43159c9a5c734938be77b844fb984b8bfac04517c20dd817e7b47df09a9f61be8255082ef3fbb8a22dadcc764171
SSDEEP

1536:rY7PlAy7rMg9QletltwACUlC1YSZh70MKjHnKlH:r+NN7r5tjdG70MDH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  70ef86554b0c0d5e033c90ffc7a9b9cc226a7b04cc48f592e9497c2e21ffd381
- Size
  
  96KB
- MD5
  
  e5be71577d84bbffa67d2c3017afdf54
- SHA1
  
  9af1344ecb4c5f1d47804f229b5a06d32017361f
- SHA256
  
  70ef86554b0c0d5e033c90ffc7a9b9cc226a7b04cc48f592e9497c2e21ffd381
- SHA512
  
  2597aeb09949afbc3e141df0dd751cc40a9d43159c9a5c734938be77b844fb984b8bfac04517c20dd817e7b47df09a9f61be8255082ef3fbb8a22dadcc764171
- SSDEEP
  
  1536:rY7PlAy7rMg9QletltwACUlC1YSZh70MKjHnKlH:r+NN7r5tjdG70MDH
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2