b78fda9e5e1378e550718f2e5a429941d661441164db279024ff87acf5c1c82f | Triage

Sharing

General

Target

b78fda9e5e1378e550718f2e5a429941d661441164db279024ff87acf5c1c82f
Size

120KB
Sample

221124-ephbnabd2v
MD5

69dd83aa879d30cc29348963f3958255
SHA1

9a3f089c5d2f7e6c29acf89f15103730fadadf04
SHA256

b78fda9e5e1378e550718f2e5a429941d661441164db279024ff87acf5c1c82f
SHA512

6149178de274a5b796e4a2999e736f8c767f645ab319d67fc5cf7ed4eb6fb098aab657ed29b58b0944901e59043cd7aad3d0915b2dc13c5718a9efba0c78abdb
SSDEEP

3072:YwStxY3/etB8WJwy/mMeUDusnZCwzKAzswF1De7iyB:YdnMGYWJJ/Kpsn4QVBaOq

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  zahlung_in_auftrag_2014_12_2_000002_000039_900002_0_1_6_928_29873565001_0003.exe
- Size
  
  144KB
- MD5
  
  738dd7cf1133cc2813a10813859e6e61
- SHA1
  
  dcfca6a60b767a64058e3d653a43789c1461e997
- SHA256
  
  74e86d70cb60b9ca846a892d99570500ddf7f5d376f70cd0c3346edd29680d57
- SHA512
  
  64edf119f1ee78f63deb5b41fe978cf57a05e09ce9f9597c12e29d21e718bdd8bdc717d5049c38cdb607e4d9db33a69df4c0f2aa06c3839043685d1be7b71389
- SSDEEP
  
  3072:UD6NN25bPpA3chmH/qB8WJwy/mMeUbusnZCwzPAzswF1De7iyc:JfMTpR4/JWJJ/K3sn4Q4BaOv
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2