ad11ede52959077f85aa13f567d36edd52a308086c04e8da745a55560ec436cf | Triage

Sharing

General

Target

ad11ede52959077f85aa13f567d36edd52a308086c04e8da745a55560ec436cf
Size

2.4MB
Sample

221127-jqrzpsba28
MD5

548e5941740094692eaf41caffe4bd4d
SHA1

4decc7688fcb2a639795d318f342c21b3d81f3b6
SHA256

ad11ede52959077f85aa13f567d36edd52a308086c04e8da745a55560ec436cf
SHA512

a2f5b878b2298443c3711eb2eeacbb648760fd59d28a481fdc09db14d1c5aa19f0a03861dc3786a37f4b6afae40a50f974feb7dffa7107f886ef5cda950c26e3
SSDEEP

49152:ykwkn9IMHeaIbeaPCSOVPgXoR2fGh1WtgAzingHvBHKdj3ROL2/:xdnVEPC9VPB7OgAugHvy+2/

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  ad11ede52959077f85aa13f567d36edd52a308086c04e8da745a55560ec436cf
- Size
  
  2.4MB
- MD5
  
  548e5941740094692eaf41caffe4bd4d
- SHA1
  
  4decc7688fcb2a639795d318f342c21b3d81f3b6
- SHA256
  
  ad11ede52959077f85aa13f567d36edd52a308086c04e8da745a55560ec436cf
- SHA512
  
  a2f5b878b2298443c3711eb2eeacbb648760fd59d28a481fdc09db14d1c5aa19f0a03861dc3786a37f4b6afae40a50f974feb7dffa7107f886ef5cda950c26e3
- SSDEEP
  
  49152:ykwkn9IMHeaIbeaPCSOVPgXoR2fGh1WtgAzingHvBHKdj3ROL2/:xdnVEPC9VPB7OgAugHvy+2/
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2