14b687b3011d80be3e701c421fe6b617e4fc70211dc2ea2c0dd85eaa71bb544c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f70e18523d08631d3b98ab6acc9d4604
Size

96KB
Sample

231228-zksl2sdabq
MD5

f70e18523d08631d3b98ab6acc9d4604
SHA1

d03013b931d0390595ebfe01ae31b5379eeaafa0
SHA256

14b687b3011d80be3e701c421fe6b617e4fc70211dc2ea2c0dd85eaa71bb544c
SHA512

1241c78e521721aba79972b5c342df645acaa965c7f7c8c86eb706f51c86f65bc1b83be83da7d18eafc9e2964f6091c3ad632e1e33622f8874bd8b6421558369
SSDEEP

1536:s8kcu4l7dSZ9T+2mxPAsL/JbuOLZ64ZCPBKbnziw1dVOcwCCQc+VDM+QJtOw/:Scj7k/y2mxB9uMzZCPBK1Dw9Raw/

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f70e18523d08631d3b98ab6acc9d4604
- Size
  
  96KB
- MD5
  
  f70e18523d08631d3b98ab6acc9d4604
- SHA1
  
  d03013b931d0390595ebfe01ae31b5379eeaafa0
- SHA256
  
  14b687b3011d80be3e701c421fe6b617e4fc70211dc2ea2c0dd85eaa71bb544c
- SHA512
  
  1241c78e521721aba79972b5c342df645acaa965c7f7c8c86eb706f51c86f65bc1b83be83da7d18eafc9e2964f6091c3ad632e1e33622f8874bd8b6421558369
- SSDEEP
  
  1536:s8kcu4l7dSZ9T+2mxPAsL/JbuOLZ64ZCPBKbnziw1dVOcwCCQc+VDM+QJtOw/:Scj7k/y2mxB9uMzZCPBK1Dw9Raw/
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2