70a9729398a4acd0bbeb8a75eb62555cd8f509f3ac4e04338c62cdef3a8d0419 | Triage

Sharing

General

Target

70a9729398a4acd0bbeb8a75eb62555cd8f509f3ac4e04338c62cdef3a8d0419.exe
Size

978KB
Sample

240829-b168daygjm
MD5

6d9f3a386490c69c6d6a49a5d1b756a5
SHA1

7c49c3a73e94674c803381cfd199e4f6bd9c7d60
SHA256

70a9729398a4acd0bbeb8a75eb62555cd8f509f3ac4e04338c62cdef3a8d0419
SHA512

2310deb2d92b94321fa4dd0aebe0c91bf93cb3915c74d6a3ee6b42bf7fa2846ba0f9e0cb70e60924fbcd073244c85e20bf9058c159cfd7a675f9481f59dd935a
SSDEEP

24576:HZGtMXDHVI7ZsW2oXWWIAi0+NDP+k1HkT6vN72rgJ/n:HQc1QuW2gd+ddlN2cJv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  70a9729398a4acd0bbeb8a75eb62555cd8f509f3ac4e04338c62cdef3a8d0419.exe
- Size
  
  978KB
- MD5
  
  6d9f3a386490c69c6d6a49a5d1b756a5
- SHA1
  
  7c49c3a73e94674c803381cfd199e4f6bd9c7d60
- SHA256
  
  70a9729398a4acd0bbeb8a75eb62555cd8f509f3ac4e04338c62cdef3a8d0419
- SHA512
  
  2310deb2d92b94321fa4dd0aebe0c91bf93cb3915c74d6a3ee6b42bf7fa2846ba0f9e0cb70e60924fbcd073244c85e20bf9058c159cfd7a675f9481f59dd935a
- SSDEEP
  
  24576:HZGtMXDHVI7ZsW2oXWWIAi0+NDP+k1HkT6vN72rgJ/n:HQc1QuW2gd+ddlN2cJv
Score

10^/10

persistence
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2