4698a796eede593a47ab515ad8456f7945826168d7808a1058582e1af869693a | Triage

Sharing

General

Target

4698a796eede593a47ab515ad8456f7945826168d7808a1058582e1af869693a
Size

134KB
Sample

221124-ez7z3acb4t
MD5

4e613048073394ab1f700c2039afc2ab
SHA1

dbf34000e39540bffc4a15c5c4d00c9fea4020c1
SHA256

4698a796eede593a47ab515ad8456f7945826168d7808a1058582e1af869693a
SHA512

c4c495636b39da74cd620fd6b5b9927d0d3ef13304fe6d7396b8efd883e4031f56fda9f31c7b39b579581e85ae596c68f294aec7e94b5b1dded78cbdbf36e030
SSDEEP

3072:SAW4fPV687SIm8raMol/Lg7Qir8d/xjcbfMrRP6lhDqPCm:HWGPV687SnzU+/F08P6zDqPCm

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  online_transaktions_11_2014_0939380001_12987384_93_39_003_365_9388347_00111_02000028.exe
- Size
  
  188KB
- MD5
  
  e3ace455382fa7708264257983339263
- SHA1
  
  ab979cc544c46903d41fe773c568e2fa54a9bc44
- SHA256
  
  f2d682b9bd2857603944471a9baf4a8d83a897d7be57dbf473c8f07fd8f5ed1a
- SHA512
  
  be4a8e0770d30eb888a27490954b6109353673234f3b30b3c384d624ff79f3171a3ffff310883cb2f0930f0c64edb716171a78b3a166b44d855c08a0742c46ff
- SSDEEP
  
  3072:gudusODvGZVHhS1drkr3k1hsz3F8ol/Lg7Qir8B/xjcbfMrRPyczWIqT9tYhOddx:k9+phSzOFUs/F08PLWIqT2M
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2