17ce42c1200b4ac3e391fe65eec76852cad87d2ad16c05d3b31542564cf76be1 | Triage

Sharing

General

Target

17ce42c1200b4ac3e391fe65eec76852cad87d2ad16c05d3b31542564cf76be1
Size

124KB
Sample

221124-ew8gesgf89
MD5

dc1ab6b96a26127f4bfb63480deb4964
SHA1

d52c4d124bfe20d308b56f9ee9b2743940ee71f8
SHA256

17ce42c1200b4ac3e391fe65eec76852cad87d2ad16c05d3b31542564cf76be1
SHA512

8a523f0e3dc25e3a03bc0b4f57a873fe09f912debb806ea1cdbf54031b072d28277fb59898922c47abfa0a802691777607ce99a6fef0bfecba7a9151294357c8
SSDEEP

3072:zKYibOc7OECeWVKXdevcaFFAn+jUkrKkO2WU2wm0:eYitaxeSKXgcaZBx3fN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  online_transaktions_11_2014_0939380001_12987384_93_39_003_365_9388347_00111_02000028.exe
- Size
  
  164KB
- MD5
  
  744c74d17d06d1a57fde4eb674b658e5
- SHA1
  
  4db6ca64d8891bea93e4fef0e54753afefe2fc1f
- SHA256
  
  2c4ebda5b2fc4e138ac11f456cafc4fbdf81f557c1d27469da123a8a4bad7da4
- SHA512
  
  ca43f4e7d33d1192facb320d27dfda3519b5fe8c723baa79e9e71b87a677ea75577fb8bb3ae45365207c736ec1f7273ceed12de5725ff20005f172e77538decd
- SSDEEP
  
  3072:aLYWOECeWVKXdevckFFAn+jUkrKkO2oATT5o/2OWo:aLwxeSKXgckZBx3o4TWq
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2