7e941a9f7edc13ad8c42158f21bf176719b694524ecc0eff9c22be76c5555250 | Triage

Sharing

General

Target

7e941a9f7edc13ad8c42158f21bf176719b694524ecc0eff9c22be76c5555250
Size

138KB
Sample

221124-p3vt1sec54
MD5

eaba55bf24ff4762bfeba16093f1b529
SHA1

26678756eb77dbe6f8c1c867e63641e2f5f77a9f
SHA256

7e941a9f7edc13ad8c42158f21bf176719b694524ecc0eff9c22be76c5555250
SHA512

20bd8f845a725ab7e5f4e8963ced74d2ec4381e4d841ce56579e90bc7cdf7f05854b9f62824bcde9c9ea563476b0f1e3a4d3c63086f08a791ab8990d45962ae6
SSDEEP

3072:KTCx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp13n3wQGy:KTCoGtmiYlW4A1QvGXjB3gQGy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7e941a9f7edc13ad8c42158f21bf176719b694524ecc0eff9c22be76c5555250
- Size
  
  138KB
- MD5
  
  eaba55bf24ff4762bfeba16093f1b529
- SHA1
  
  26678756eb77dbe6f8c1c867e63641e2f5f77a9f
- SHA256
  
  7e941a9f7edc13ad8c42158f21bf176719b694524ecc0eff9c22be76c5555250
- SHA512
  
  20bd8f845a725ab7e5f4e8963ced74d2ec4381e4d841ce56579e90bc7cdf7f05854b9f62824bcde9c9ea563476b0f1e3a4d3c63086f08a791ab8990d45962ae6
- SSDEEP
  
  3072:KTCx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp13n3wQGy:KTCoGtmiYlW4A1QvGXjB3gQGy
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2