c74a186e0a2753f7f853bc721e75aecbe2c93d6c6f5fc72f82e328f63e481bdd | Triage

Sharing

General

Target

c74a186e0a2753f7f853bc721e75aecbe2c93d6c6f5fc72f82e328f63e481bdd
Size

184KB
Sample

221127-tr19wabb35
MD5

4e57b42a51ab4680aa93e4d0616cc19d
SHA1

8a956c63e4a85ecf0f6ae51f9616090fd6968ec4
SHA256

c74a186e0a2753f7f853bc721e75aecbe2c93d6c6f5fc72f82e328f63e481bdd
SHA512

0d831b904fb9be9ad8b845250a0637888025711e17770f58f4bc6d828cb87f2d1acc6cffbc652c62ee2102a5f4fc33645b993cd2c6c606488ec368203486086c
SSDEEP

3072:6pQuncXADTChCIB1hBkmVK5zSMhl+VYrn:YhnRDTsPnkmSzSMhson

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  c74a186e0a2753f7f853bc721e75aecbe2c93d6c6f5fc72f82e328f63e481bdd
- Size
  
  184KB
- MD5
  
  4e57b42a51ab4680aa93e4d0616cc19d
- SHA1
  
  8a956c63e4a85ecf0f6ae51f9616090fd6968ec4
- SHA256
  
  c74a186e0a2753f7f853bc721e75aecbe2c93d6c6f5fc72f82e328f63e481bdd
- SHA512
  
  0d831b904fb9be9ad8b845250a0637888025711e17770f58f4bc6d828cb87f2d1acc6cffbc652c62ee2102a5f4fc33645b993cd2c6c606488ec368203486086c
- SSDEEP
  
  3072:6pQuncXADTChCIB1hBkmVK5zSMhl+VYrn:YhnRDTsPnkmSzSMhson
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2