3eb888d670c023ed90e5790a96e5de4a253f59a6175a17fbb54001f32b6ce700 | Triage

Sharing

General

Target

3eb888d670c023ed90e5790a96e5de4a253f59a6175a17fbb54001f32b6ce700
Size

138KB
Sample

220919-yp3gdaagbr
MD5

ff5615082f44cf79819923e1d19de24f
SHA1

8abc63b810609ab548156ae96cc3e82eae7467cb
SHA256

3eb888d670c023ed90e5790a96e5de4a253f59a6175a17fbb54001f32b6ce700
SHA512

174b9fb31b86df6b8fabb0efcbd6320a8d962019c87412b59b6f80bda1579c13f034f2f6c60c5cdfe5c4c41f4cbf55064610aba96036540c75771345f1d56219
SSDEEP

3072:bD3xUmTgbvFrycjfJdMR2dYU0T3RV/yleudoiYPmZE5jGfaaFu4AiZ:bTxqvFWIJ/d23RXiYPmu5jgg4AiZ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  MyServer.exe
- Size
  
  124KB
- MD5
  
  04b0d46b590a5cc66e718ce8e7a78192
- SHA1
  
  41b15f23aacc436f7377db9e4b7f9870fb3e5a90
- SHA256
  
  0e447dcd6635389a363cc8ee2e4faf3a3591e2056157dcbdf97cb3ce566f1df5
- SHA512
  
  9b5aec469d89226a14e7d6b4de0a09fd4df5f85c25f086e4357ee5b7fa20a0f1834cfff2450652918a7255c325ec4b9bf5de3e521b7d10dd82c17ac1ada386ca
- SSDEEP
  
  1536:5cqrQ45YHwTK8JzDGBkQaH5ri+LXX4tRVSsJk3etJfVbx:9F5xe8JzDGfUi7esJkOtJ9bx
Score

8^/10

persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Recton.exe
- Size
  
  85KB
- MD5
  
  0a9468bcb6a061aeb86ce2d097f99aaa
- SHA1
  
  049b57ebfbade09f2acd3bba8004fd268e9f0ba3
- SHA256
  
  56d377beb41152c614a15131b4331bdd2092500902fc918d48b073c6dc36507a
- SHA512
  
  c83b043f86445bbf72605cd0189e15e462963a3a71b7cde9c65a8e7c7db818eb612b9d8790e10fcdb985ef042945988d7812f20acf85910d687d240e46a7eebb
- SSDEEP
  
  1536:VlBeGeDeqFsLpLSOETWSN8Yv/PX5AAeYAD8GXN+I7fJ+aCl1feT:VlBeGeKOhtSSFpNevzoI7h+aS1GT
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4