39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08 | Triage

Sharing

General

Target

39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08
Size

165KB
Sample

221020-rje1kaggbl
MD5

96ae0b86ca6002d971e1085227ea1890
SHA1

55e30f973af9fc3dce47279b5b0fe838b2a87f6d
SHA256

39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08
SHA512

f1bead994b4a78fe2366b1c2b0bf05307ffd7c7c65aed12a0d65130dce309c8a98035f3a75fe5155b9622ae10871748e7ad771374770a0da4ec899351b33d69f
SSDEEP

3072:6NnavGyaM/t4Fw4NV/Uss9Q6OEJLbFqtVrhbZiGD75ViBuWLjurVgFh8O:wnauytVOvwQ6hJLItVvzfPiBVXOWhh

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08
- Size
  
  165KB
- MD5
  
  96ae0b86ca6002d971e1085227ea1890
- SHA1
  
  55e30f973af9fc3dce47279b5b0fe838b2a87f6d
- SHA256
  
  39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08
- SHA512
  
  f1bead994b4a78fe2366b1c2b0bf05307ffd7c7c65aed12a0d65130dce309c8a98035f3a75fe5155b9622ae10871748e7ad771374770a0da4ec899351b33d69f
- SSDEEP
  
  3072:6NnavGyaM/t4Fw4NV/Uss9Q6OEJLbFqtVrhbZiGD75ViBuWLjurVgFh8O:wnauytVOvwQ6hJLItVvzfPiBVXOWhh
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2