7f576000d22e51d72f6cb0e18bf7b9e8e6c04f857cfbd66c9b85900454e217bb | Triage

Sharing

General

Target

7fb1b711da7d0f513963735afbddd7b3
Size

903KB
Sample

240129-nas92shhcm
MD5

7fb1b711da7d0f513963735afbddd7b3
SHA1

fc5fd65378855ee5691914771db4192147af535c
SHA256

7f576000d22e51d72f6cb0e18bf7b9e8e6c04f857cfbd66c9b85900454e217bb
SHA512

b71d247592132edf6657339707fc567186b24f4ab353878e7a04a3d49e1e663e1e337c036bc07ea81dc5385c699647b7e580954867ed5fc30cffb1455729c785
SSDEEP

12288:/gEP0EzibDdVhbLSa412Y1+m9Hazoeo6JHN4XeXPMJvMESVc040noilVSOqnoJ:II03b5Vh3Sko8fLH+Xe/MJvMgYoilVwa

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7fb1b711da7d0f513963735afbddd7b3
- Size
  
  903KB
- MD5
  
  7fb1b711da7d0f513963735afbddd7b3
- SHA1
  
  fc5fd65378855ee5691914771db4192147af535c
- SHA256
  
  7f576000d22e51d72f6cb0e18bf7b9e8e6c04f857cfbd66c9b85900454e217bb
- SHA512
  
  b71d247592132edf6657339707fc567186b24f4ab353878e7a04a3d49e1e663e1e337c036bc07ea81dc5385c699647b7e580954867ed5fc30cffb1455729c785
- SSDEEP
  
  12288:/gEP0EzibDdVhbLSa412Y1+m9Hazoeo6JHN4XeXPMJvMESVc040noilVSOqnoJ:II03b5Vh3Sko8fLH+Xe/MJvMgYoilVwa
Score

8^/10

persistence
- Drops file in Drivers directory
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2