61d5bef5b6d2fda2711d24ca534dcd56ec1d89d82dfcd495b1aa864984481635 | Triage

Sharing

General

Target

61d5bef5b6d2fda2711d24ca534dcd56ec1d89d82dfcd495b1aa864984481635
Size

124KB
Sample

221127-2rfbeaab3t
MD5

889e4e72c73a56a3eb849c5cabf23a55
SHA1

b6df6bf2c9bbdda76b484f06e16dffa796481b93
SHA256

61d5bef5b6d2fda2711d24ca534dcd56ec1d89d82dfcd495b1aa864984481635
SHA512

18e8b34e53cc5c4f3633573158228b53d2415e14e8c19221612ae5594bb8ff70247f2d80e34c746db5e932a1531a14c547e52ee57395d4b8a868bf2a26b8734c
SSDEEP

1536:aDrEyzvdep/dPeoHlYNM6k0NwzApTBNagnXEynNlje2PEWVtvfMnY:ab4pFlPsnYgnUyy2PEwvfCY

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  61d5bef5b6d2fda2711d24ca534dcd56ec1d89d82dfcd495b1aa864984481635
- Size
  
  124KB
- MD5
  
  889e4e72c73a56a3eb849c5cabf23a55
- SHA1
  
  b6df6bf2c9bbdda76b484f06e16dffa796481b93
- SHA256
  
  61d5bef5b6d2fda2711d24ca534dcd56ec1d89d82dfcd495b1aa864984481635
- SHA512
  
  18e8b34e53cc5c4f3633573158228b53d2415e14e8c19221612ae5594bb8ff70247f2d80e34c746db5e932a1531a14c547e52ee57395d4b8a868bf2a26b8734c
- SSDEEP
  
  1536:aDrEyzvdep/dPeoHlYNM6k0NwzApTBNagnXEynNlje2PEWVtvfMnY:ab4pFlPsnYgnUyy2PEwvfCY
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2