a94e4a81741592d1d18f9d53e94bc9f659e730cae7bd9d7a392671cba58b0718 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a94e4a81741592d1d18f9d53e94bc9f659e730cae7bd9d7a392671cba58b0718
Size

46KB
Sample

221129-d7f1wabh24
MD5

7ca01962de4c2542a859fb2ec2e17400
SHA1

52f8f61fa919bcba0e5af397376c08d61d5c3fb5
SHA256

a94e4a81741592d1d18f9d53e94bc9f659e730cae7bd9d7a392671cba58b0718
SHA512

1d90fc5138f4db662f4a5a8e6b5b1c60e5a8c9fad9a59770a7cde4e59118cadda883dc16df77b32b76e080e160c1c0e89b8f998cfed456e28f4a239b9ca69031
SSDEEP

768:q2kTNRJ868R8Z8s888m8E8Qv+7IEHYwfoSajXKCTEr+Mlfy2/wi2DMj4kicC8VAv:whRJzq+5hRpfv+7IEHmSkKCTZOIPkdCi

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  a94e4a81741592d1d18f9d53e94bc9f659e730cae7bd9d7a392671cba58b0718
- Size
  
  46KB
- MD5
  
  7ca01962de4c2542a859fb2ec2e17400
- SHA1
  
  52f8f61fa919bcba0e5af397376c08d61d5c3fb5
- SHA256
  
  a94e4a81741592d1d18f9d53e94bc9f659e730cae7bd9d7a392671cba58b0718
- SHA512
  
  1d90fc5138f4db662f4a5a8e6b5b1c60e5a8c9fad9a59770a7cde4e59118cadda883dc16df77b32b76e080e160c1c0e89b8f998cfed456e28f4a239b9ca69031
- SSDEEP
  
  768:q2kTNRJ868R8Z8s888m8E8Qv+7IEHYwfoSajXKCTEr+Mlfy2/wi2DMj4kicC8VAv:whRJzq+5hRpfv+7IEHmSkKCTZOIPkdCi
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2