74f81488637d5ab5ff32aa75dec6c9fc0995abd76d1ff80bd93a0a20b995271f | Triage

Sharing

General

Target

file.exe
Size

1024KB
Sample

220908-fwsxeadgc3
MD5

7ca925cfbb7fbdf1bfec8669f2187eaf
SHA1

f19ab3424d46842e494cd73ade54be773a9c4a1d
SHA256

74f81488637d5ab5ff32aa75dec6c9fc0995abd76d1ff80bd93a0a20b995271f
SHA512

dfb9c20bb2d882e8ca661ce78a76903d527f7e3a35d2dbd725f28b04e5f7b4d412a050ba562165cec593ccfa06fec2a8d013f60abceb2e31270457e4e249e159
SSDEEP

24576:zymtT27bMup0ty9+8vCHkKURkd2dk9brsfA/fSylSUdQ:GyS0qcXJrsfA3S

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  1024KB
- MD5
  
  7ca925cfbb7fbdf1bfec8669f2187eaf
- SHA1
  
  f19ab3424d46842e494cd73ade54be773a9c4a1d
- SHA256
  
  74f81488637d5ab5ff32aa75dec6c9fc0995abd76d1ff80bd93a0a20b995271f
- SHA512
  
  dfb9c20bb2d882e8ca661ce78a76903d527f7e3a35d2dbd725f28b04e5f7b4d412a050ba562165cec593ccfa06fec2a8d013f60abceb2e31270457e4e249e159
- SSDEEP
  
  24576:zymtT27bMup0ty9+8vCHkKURkd2dk9brsfA/fSylSUdQ:GyS0qcXJrsfA3S
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Process Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2