970b0ce9bd45f443c03057275fc08f928224d0fc82ee457f213efc43a95bc530 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

970b0ce9bd45f443c03057275fc08f928224d0fc82ee457f213efc43a95bc530
Size

56KB
Sample

221203-bw5hzsda97
MD5

550fc088d7cdf084f0888cc06a03fdc2
SHA1

150d8b60d01c9072b20412b081aa4927d206ad92
SHA256

970b0ce9bd45f443c03057275fc08f928224d0fc82ee457f213efc43a95bc530
SHA512

570dc7ab5d9772fd8cd58bc385b9a00704052d4048972f934359a9e4985490e255584c5c5d23626ab681a78938ee1dfc101bf4eed7dfa2d1f1a0bc607ff3a1c4
SSDEEP

768:+osIkRDzZeklCmMJOsre4R/d+oL/YYrIwIkRDz7:+oARDfCmuOme4b+pSIsRDP

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  970b0ce9bd45f443c03057275fc08f928224d0fc82ee457f213efc43a95bc530
- Size
  
  56KB
- MD5
  
  550fc088d7cdf084f0888cc06a03fdc2
- SHA1
  
  150d8b60d01c9072b20412b081aa4927d206ad92
- SHA256
  
  970b0ce9bd45f443c03057275fc08f928224d0fc82ee457f213efc43a95bc530
- SHA512
  
  570dc7ab5d9772fd8cd58bc385b9a00704052d4048972f934359a9e4985490e255584c5c5d23626ab681a78938ee1dfc101bf4eed7dfa2d1f1a0bc607ff3a1c4
- SSDEEP
  
  768:+osIkRDzZeklCmMJOsre4R/d+oL/YYrIwIkRDz7:+oARDfCmuOme4b+pSIsRDP
Score

8^/10

evasion persistence
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence