7f515e72fd805f3cc38ac8dbb8431a7b576b8c9a78a579042ee677a076c9e3cd | Triage

Sharing

General

Target

7f515e72fd805f3cc38ac8dbb8431a7b576b8c9a78a579042ee677a076c9e3cd
Size

119KB
Sample

221129-hytb3aah7v
MD5

392b88bb278dbcb670225d86f0b13220
SHA1

5e3bc9abec265415ef846a4ecd80c73ca0a81dca
SHA256

7f515e72fd805f3cc38ac8dbb8431a7b576b8c9a78a579042ee677a076c9e3cd
SHA512

48d32eee9a52323deb03ea51c4b0acd092050ff80cd079fc253147698d17f58cf15e4f84d4fef23fa8b7bbc81aada61279ac0f3e8ddc6ac111ae58464afd0b2b
SSDEEP

1536:7OyUFg1WouNBHV44JHQETjJDCovQvsyV4+xoWlpVIaiudmNygL6H/s:14oujS4JNNC5b++2W2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7f515e72fd805f3cc38ac8dbb8431a7b576b8c9a78a579042ee677a076c9e3cd
- Size
  
  119KB
- MD5
  
  392b88bb278dbcb670225d86f0b13220
- SHA1
  
  5e3bc9abec265415ef846a4ecd80c73ca0a81dca
- SHA256
  
  7f515e72fd805f3cc38ac8dbb8431a7b576b8c9a78a579042ee677a076c9e3cd
- SHA512
  
  48d32eee9a52323deb03ea51c4b0acd092050ff80cd079fc253147698d17f58cf15e4f84d4fef23fa8b7bbc81aada61279ac0f3e8ddc6ac111ae58464afd0b2b
- SSDEEP
  
  1536:7OyUFg1WouNBHV44JHQETjJDCovQvsyV4+xoWlpVIaiudmNygL6H/s:14oujS4JNNC5b++2W2
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2