f20a52638abef8dd9f645a67cf7d516438710c519b0951f75ab1960dfec08b31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f20a52638abef8dd9f645a67cf7d516438710c519b0951f75ab1960dfec08b31
Size

180KB
Sample

221125-2547pagg2z
MD5

15c28add432ee495a7dea883bd42d42a
SHA1

df3f6dca901c9f7363f0d5dc082551cbd0615ff9
SHA256

f20a52638abef8dd9f645a67cf7d516438710c519b0951f75ab1960dfec08b31
SHA512

280c5955f462456dd082af1cbae742a8a864feda89d81442822b6ce953411cf5895268493fe2722037570279b6da35ad5c4f053f3d7bc306d3f8147f61300d7c
SSDEEP

3072:qG2UQO+HARPquq34BE4q8Qt1SYT+nTGWXi+lhWL3W2TqHBZpBaCt:UUQjWquq34BE4bK1roTtiehWdyryA

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  f20a52638abef8dd9f645a67cf7d516438710c519b0951f75ab1960dfec08b31
- Size
  
  180KB
- MD5
  
  15c28add432ee495a7dea883bd42d42a
- SHA1
  
  df3f6dca901c9f7363f0d5dc082551cbd0615ff9
- SHA256
  
  f20a52638abef8dd9f645a67cf7d516438710c519b0951f75ab1960dfec08b31
- SHA512
  
  280c5955f462456dd082af1cbae742a8a864feda89d81442822b6ce953411cf5895268493fe2722037570279b6da35ad5c4f053f3d7bc306d3f8147f61300d7c
- SSDEEP
  
  3072:qG2UQO+HARPquq34BE4q8Qt1SYT+nTGWXi+lhWL3W2TqHBZpBaCt:UUQjWquq34BE4bK1roTtiehWdyryA
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2