26d8c36db7e4fc1929f387c10ee60c396a552077de4b555b14d5a5edcbe6e693 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26d8c36db7e4fc1929f387c10ee60c396a552077de4b555b14d5a5edcbe6e693
Size

1.4MB
Sample

221125-ygqgvadh6t
MD5

91a365ba54d588a2a7d0fd8feea6b523
SHA1

961d4503e942b5b51f690cc5bf1e78dec875c13f
SHA256

26d8c36db7e4fc1929f387c10ee60c396a552077de4b555b14d5a5edcbe6e693
SHA512

79c870a060fa5a3e188f9130f76f2d54ee75864f50a20d73f1511b3814f066d4fd3756f9c870202615cdc5bc36635b8990265e9defab8de3052de4fd445703d5
SSDEEP

24576:68gP2Rq9XZbJNRg4pCz3qv4nR32WbRCbF9TgjwYhqmK1KvwVevm7IfT3GuRVM:6NOkNe4OvnLCJ9Tg09mXBFf7GN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  26d8c36db7e4fc1929f387c10ee60c396a552077de4b555b14d5a5edcbe6e693
- Size
  
  1.4MB
- MD5
  
  91a365ba54d588a2a7d0fd8feea6b523
- SHA1
  
  961d4503e942b5b51f690cc5bf1e78dec875c13f
- SHA256
  
  26d8c36db7e4fc1929f387c10ee60c396a552077de4b555b14d5a5edcbe6e693
- SHA512
  
  79c870a060fa5a3e188f9130f76f2d54ee75864f50a20d73f1511b3814f066d4fd3756f9c870202615cdc5bc36635b8990265e9defab8de3052de4fd445703d5
- SSDEEP
  
  24576:68gP2Rq9XZbJNRg4pCz3qv4nR32WbRCbF9TgjwYhqmK1KvwVevm7IfT3GuRVM:6NOkNe4OvnLCJ9Tg09mXBFf7GN
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2