4d1ba3dbf5ae486bf471426ec083374d4f3ef8259ca84e89ce733211426b76aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d1ba3dbf5ae486bf471426ec083374d4f3ef8259ca84e89ce733211426b76aa
Size

1003KB
Sample

221127-n75dksaf3s
MD5

1971f20dd9d407de4320b973e0797bc9
SHA1

e65765538a422c52b7e4c0c60d197315f4b7e49d
SHA256

4d1ba3dbf5ae486bf471426ec083374d4f3ef8259ca84e89ce733211426b76aa
SHA512

fa174b8cc8d227d8fc38288a26a89c5779a44bd4912e578e4df38cc232ddbf9a38c505c6a4d70e56bfd04e2e6cf844c0f7be86fc658a49c0638f2208122ca76b
SSDEEP

24576:U0yTux7Eooc30gVpcd0fxSlH5X9kTmwvy1vCQrCVd9:6QzUZuTmwvKvCQ2Vd

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  4d1ba3dbf5ae486bf471426ec083374d4f3ef8259ca84e89ce733211426b76aa
- Size
  
  1003KB
- MD5
  
  1971f20dd9d407de4320b973e0797bc9
- SHA1
  
  e65765538a422c52b7e4c0c60d197315f4b7e49d
- SHA256
  
  4d1ba3dbf5ae486bf471426ec083374d4f3ef8259ca84e89ce733211426b76aa
- SHA512
  
  fa174b8cc8d227d8fc38288a26a89c5779a44bd4912e578e4df38cc232ddbf9a38c505c6a4d70e56bfd04e2e6cf844c0f7be86fc658a49c0638f2208122ca76b
- SSDEEP
  
  24576:U0yTux7Eooc30gVpcd0fxSlH5X9kTmwvy1vCQrCVd9:6QzUZuTmwvKvCQ2Vd
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2