5d63b837589720da7e45a9cff617488eb1e29a39e7ec23de28d495a799d4fc18 | Triage

Sharing

General

Target

5d63b837589720da7e45a9cff617488eb1e29a39e7ec23de28d495a799d4fc18
Size

45KB
Sample

220731-3nfcnsedgk
MD5

ad090589116ae6ba1efb9d09ec7fb098
SHA1

f9efe2e2591204800787907583a88b2a87348b49
SHA256

5d63b837589720da7e45a9cff617488eb1e29a39e7ec23de28d495a799d4fc18
SHA512

37572a0131d2d3910fd8bca4bf35982626d61fb0c5ab442c002607fc0c3a312e29f9f571b70faa5e7d8e86ce471b4ad724b7fe1e2f24892ca623de391476e2b3

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5d63b837589720da7e45a9cff617488eb1e29a39e7ec23de28d495a799d4fc18
- Size
  
  45KB
- MD5
  
  ad090589116ae6ba1efb9d09ec7fb098
- SHA1
  
  f9efe2e2591204800787907583a88b2a87348b49
- SHA256
  
  5d63b837589720da7e45a9cff617488eb1e29a39e7ec23de28d495a799d4fc18
- SHA512
  
  37572a0131d2d3910fd8bca4bf35982626d61fb0c5ab442c002607fc0c3a312e29f9f571b70faa5e7d8e86ce471b4ad724b7fe1e2f24892ca623de391476e2b3
Score

8^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2