5040f8ecb29928c42b4c2987a2720ae531e03e5befd2fe798f0779fa99286620 | Triage

Sharing

General

Target

5040f8ecb29928c42b4c2987a2720ae531e03e5befd2fe798f0779fa99286620
Size

139KB
Sample

221002-qta9paadfn
MD5

6ec08512d5f95271c8a8317654c9c700
SHA1

8e0836c1d793863d76ea4e463c50ea70c6d1bff0
SHA256

5040f8ecb29928c42b4c2987a2720ae531e03e5befd2fe798f0779fa99286620
SHA512

ab4777cab7c7671ddbb63766a2b4f9524eebe1fcedb7db1eadd9e7936f613fad2f9bb77f931ed60306c3dcffbac47a793127ff93766d1077d14f686bd5d46e08
SSDEEP

3072:4gXdZt9P6D3XJcMufNC0Rc1SOCsC3FFkX1Sl9vwlH6EePM2d+a:4e34fENCEVFklSl9oVs+a

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5040f8ecb29928c42b4c2987a2720ae531e03e5befd2fe798f0779fa99286620
- Size
  
  139KB
- MD5
  
  6ec08512d5f95271c8a8317654c9c700
- SHA1
  
  8e0836c1d793863d76ea4e463c50ea70c6d1bff0
- SHA256
  
  5040f8ecb29928c42b4c2987a2720ae531e03e5befd2fe798f0779fa99286620
- SHA512
  
  ab4777cab7c7671ddbb63766a2b4f9524eebe1fcedb7db1eadd9e7936f613fad2f9bb77f931ed60306c3dcffbac47a793127ff93766d1077d14f686bd5d46e08
- SSDEEP
  
  3072:4gXdZt9P6D3XJcMufNC0Rc1SOCsC3FFkX1Sl9vwlH6EePM2d+a:4e34fENCEVFklSl9oVs+a
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2