b5389a52da04a07343162e7f00a0a5cbc7a1b9c960a3763c1aa0815d4e607cb7 | Triage

Sharing

General

Target

b5389a52da04a07343162e7f00a0a5cbc7a1b9c960a3763c1aa0815d4e607cb7
Size

250KB
Sample

221129-vyrjpaaa95
MD5

757139682c5745cbf1d0090b235c7aad
SHA1

060b95e39e1287b12be759ec5db65e11a38b6705
SHA256

b5389a52da04a07343162e7f00a0a5cbc7a1b9c960a3763c1aa0815d4e607cb7
SHA512

be07d2b4dfbbc44a69b1159af9a2cb1547b987734ade88d275be8859bdb9964fe488b1505463c947305bb72ace8756de516eee9f324810369f1d98f3bce2a9b1
SSDEEP

6144:s3atSBT+sstoBBC+XQYc9959tZqt++lfEBruAUikylBS0J:ix7tDo5wtXl6u0J

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  b5389a52da04a07343162e7f00a0a5cbc7a1b9c960a3763c1aa0815d4e607cb7
- Size
  
  250KB
- MD5
  
  757139682c5745cbf1d0090b235c7aad
- SHA1
  
  060b95e39e1287b12be759ec5db65e11a38b6705
- SHA256
  
  b5389a52da04a07343162e7f00a0a5cbc7a1b9c960a3763c1aa0815d4e607cb7
- SHA512
  
  be07d2b4dfbbc44a69b1159af9a2cb1547b987734ade88d275be8859bdb9964fe488b1505463c947305bb72ace8756de516eee9f324810369f1d98f3bce2a9b1
- SSDEEP
  
  6144:s3atSBT+sstoBBC+XQYc9959tZqt++lfEBruAUikylBS0J:ix7tDo5wtXl6u0J
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2