cdb4a97c262238277a36295619fb9a8563f262fd1a38e815fcc436124ff43c7b | Triage

Sharing

General

Target

ed6fbada379c5d30b0a64e0add8b4dba.exe
Size

28KB
Sample

210720-fb14qtl3l2
MD5

ed6fbada379c5d30b0a64e0add8b4dba
SHA1

d0bc72cae5ed6a5ed09e3586c4c6a80ae9a5e3da
SHA256

cdb4a97c262238277a36295619fb9a8563f262fd1a38e815fcc436124ff43c7b
SHA512

f9ddee20d17fbceab5f59b6826afd49b11098dd0d1a8532369f1a8b8b5acdb16bf57ede1e998e81f9fde9513ca26cb2cdf997c72e09069de8a358f26fbe63420

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  ed6fbada379c5d30b0a64e0add8b4dba.exe
- Size
  
  28KB
- MD5
  
  ed6fbada379c5d30b0a64e0add8b4dba
- SHA1
  
  d0bc72cae5ed6a5ed09e3586c4c6a80ae9a5e3da
- SHA256
  
  cdb4a97c262238277a36295619fb9a8563f262fd1a38e815fcc436124ff43c7b
- SHA512
  
  f9ddee20d17fbceab5f59b6826afd49b11098dd0d1a8532369f1a8b8b5acdb16bf57ede1e998e81f9fde9513ca26cb2cdf997c72e09069de8a358f26fbe63420
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2