4f2a28d56eaeff09fb4731991fe360ae0c6626a8d86b98b47d1e3d020760aa8b | Triage

Sharing

General

Target

4f2a28d56eaeff09fb4731991fe360ae0c6626a8d86b98b47d1e3d020760aa8b
Size

144KB
Sample

221124-eplzvabd21
MD5

9a7c1c0b38c6cce942a9a2f4919c1174
SHA1

b14cee286304621259329f2fc293e2fed54451ff
SHA256

4f2a28d56eaeff09fb4731991fe360ae0c6626a8d86b98b47d1e3d020760aa8b
SHA512

cd7218de3ba475a67bbe31635f0fdfbd769a0e203880d76b8c34ef289d96052874ef05cf777691092ea7a6267b6af32bae37df6a61d67ea0c415f85434ce86fb
SSDEEP

3072:UD6FqJfUgP4V9fkSD7x5mCFgadUM8RqKTStXIGhN:JFsckSH3VZiTSGGhN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4f2a28d56eaeff09fb4731991fe360ae0c6626a8d86b98b47d1e3d020760aa8b
- Size
  
  144KB
- MD5
  
  9a7c1c0b38c6cce942a9a2f4919c1174
- SHA1
  
  b14cee286304621259329f2fc293e2fed54451ff
- SHA256
  
  4f2a28d56eaeff09fb4731991fe360ae0c6626a8d86b98b47d1e3d020760aa8b
- SHA512
  
  cd7218de3ba475a67bbe31635f0fdfbd769a0e203880d76b8c34ef289d96052874ef05cf777691092ea7a6267b6af32bae37df6a61d67ea0c415f85434ce86fb
- SSDEEP
  
  3072:UD6FqJfUgP4V9fkSD7x5mCFgadUM8RqKTStXIGhN:JFsckSH3VZiTSGGhN
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2