fe18eee04884625962311b2a2bfeb5b1df7554b9cbe3575bb3f937d64421c21a | Triage

Sharing

General

Target

fe18eee04884625962311b2a2bfeb5b1df7554b9cbe3575bb3f937d64421c21a
Size

288KB
Sample

221122-31nvksde57
MD5

ef3b4513c500ac327a3198716bc12e12
SHA1

ec3176119e22f29dc1ae21c5e58f4f6e1474f13b
SHA256

fe18eee04884625962311b2a2bfeb5b1df7554b9cbe3575bb3f937d64421c21a
SHA512

336bcb2278cc7f9a025360cc46392b3a098daaa41dfa54de6d8ffd53c72e5aa418e4e27edb5725ff161470daa6060dc8ad5bbd3814bc25d911e6ffdb08841901
SSDEEP

6144:sqYG7QL5I69LMJ41QvhVix2nRk8Xcs7jyH:lcLKe4y1EVigR3nyH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fe18eee04884625962311b2a2bfeb5b1df7554b9cbe3575bb3f937d64421c21a
- Size
  
  288KB
- MD5
  
  ef3b4513c500ac327a3198716bc12e12
- SHA1
  
  ec3176119e22f29dc1ae21c5e58f4f6e1474f13b
- SHA256
  
  fe18eee04884625962311b2a2bfeb5b1df7554b9cbe3575bb3f937d64421c21a
- SHA512
  
  336bcb2278cc7f9a025360cc46392b3a098daaa41dfa54de6d8ffd53c72e5aa418e4e27edb5725ff161470daa6060dc8ad5bbd3814bc25d911e6ffdb08841901
- SSDEEP
  
  6144:sqYG7QL5I69LMJ41QvhVix2nRk8Xcs7jyH:lcLKe4y1EVigR3nyH
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Checks for any installed AV software in registry
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2