9f4e84629acc73ae01dd5eb4670ebd0366dc7aabf465f7013d9e37b7e2349f1b | Triage

Sharing

General

Target

SecuriteInfo.com.Variant.Johnnie.323807.26508.21921
Size

1.4MB
Sample

210420-r7mqs36rq2
MD5

b7ba4e82fe9ff22b4ea1372fd0c3a8d1
SHA1

dc4e72d4b4bcc4bc18c7fb915ae7f53bccb2ab52
SHA256

9f4e84629acc73ae01dd5eb4670ebd0366dc7aabf465f7013d9e37b7e2349f1b
SHA512

c888ac83dca3d964c85c9bebf23da312421c687f496b92e9387de863d1c892ce6aff3035b221e6c51661d5a7898990f93cc56dde9837bdd7e37bdc5d8f14bb15

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Variant.Johnnie.323807.26508.21921
- Size
  
  1.4MB
- MD5
  
  b7ba4e82fe9ff22b4ea1372fd0c3a8d1
- SHA1
  
  dc4e72d4b4bcc4bc18c7fb915ae7f53bccb2ab52
- SHA256
  
  9f4e84629acc73ae01dd5eb4670ebd0366dc7aabf465f7013d9e37b7e2349f1b
- SHA512
  
  c888ac83dca3d964c85c9bebf23da312421c687f496b92e9387de863d1c892ce6aff3035b221e6c51661d5a7898990f93cc56dde9837bdd7e37bdc5d8f14bb15
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2