60e93179fdc24865d5d06c00a6280a224263def03b1d9b081b0edf972ed95ad1 | Triage

Sharing

General

Target

TT-3.exe
Size

4.9MB
Sample

210627-1r3fe7y4mj
MD5

0b4ab2b8547d9d49b35788f9da74b439
SHA1

7452326f93c8dc33695dee74e092aabcac462f3b
SHA256

60e93179fdc24865d5d06c00a6280a224263def03b1d9b081b0edf972ed95ad1
SHA512

89d6ca06231f9b9534d6938e1f698c06ee3ab594351940e2e5ec6b1a8079426bbccf20474a9808848885705627a80cf0511df76e4c5c0b8f56f2a09df3e9bb46

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  TT-3.exe
- Size
  
  4.9MB
- MD5
  
  0b4ab2b8547d9d49b35788f9da74b439
- SHA1
  
  7452326f93c8dc33695dee74e092aabcac462f3b
- SHA256
  
  60e93179fdc24865d5d06c00a6280a224263def03b1d9b081b0edf972ed95ad1
- SHA512
  
  89d6ca06231f9b9534d6938e1f698c06ee3ab594351940e2e5ec6b1a8079426bbccf20474a9808848885705627a80cf0511df76e4c5c0b8f56f2a09df3e9bb46
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2