eda6ca93534810e98fcf29ccc0d6e5df48c0ab1b6143e4b79bdceab5eacd6c7a | Triage

Sharing

General

Target

eda6ca93534810e98fcf29ccc0d6e5df48c0ab1b6143e4b79bdceab5eacd6c7a
Size

666KB
Sample

221003-g631sscgfp
MD5

622e23c25fc82b955e4f1b0420c9dd57
SHA1

5ddf6a2f7670ca7f804b8d4d98e279aa4b03835b
SHA256

eda6ca93534810e98fcf29ccc0d6e5df48c0ab1b6143e4b79bdceab5eacd6c7a
SHA512

d163d346e9571b1dba5622825ffc987b31e460e7b05713c33c61ad7979bd8b7320fcd74b49f0e53203cf722b6989ba3f68dc0609eff409535bf1d1bbafe8a9dd
SSDEEP

12288:nIyD+tMdmSu1kI6NxW6IHPxpz2x3qHJkuAQV6NpZRaSuL28EUebeY5acZ:nlPd9akIsYNHPx63okuYr3uKwW5aS

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  eda6ca93534810e98fcf29ccc0d6e5df48c0ab1b6143e4b79bdceab5eacd6c7a
- Size
  
  666KB
- MD5
  
  622e23c25fc82b955e4f1b0420c9dd57
- SHA1
  
  5ddf6a2f7670ca7f804b8d4d98e279aa4b03835b
- SHA256
  
  eda6ca93534810e98fcf29ccc0d6e5df48c0ab1b6143e4b79bdceab5eacd6c7a
- SHA512
  
  d163d346e9571b1dba5622825ffc987b31e460e7b05713c33c61ad7979bd8b7320fcd74b49f0e53203cf722b6989ba3f68dc0609eff409535bf1d1bbafe8a9dd
- SSDEEP
  
  12288:nIyD+tMdmSu1kI6NxW6IHPxpz2x3qHJkuAQV6NpZRaSuL28EUebeY5acZ:nlPd9akIsYNHPx63okuYr3uKwW5aS
Score

8^/10

evasion persistence
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2