a5e15e3e9fc7608ca7d9d92eb2ac6a4bd776b9b30fc69d05c5e8b5bd9b25389e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5e15e3e9fc7608ca7d9d92eb2ac6a4bd776b9b30fc69d05c5e8b5bd9b25389e
Size

228KB
Sample

221203-x9r1psdb61
MD5

15928c24d495c40e799751557797b7d4
SHA1

2be4c23ef9bd16e4ef90d07d54989c6d8971d765
SHA256

a5e15e3e9fc7608ca7d9d92eb2ac6a4bd776b9b30fc69d05c5e8b5bd9b25389e
SHA512

daa050fbfefbd53a7c1d9100c8dbbb58dbfb08b3151109fc29786ca82e003e2883e7093756d87127d9ec9c59844b1ed66e55ab34eb27b565f7c94c2f4ef1d4c8
SSDEEP

6144:EtbbiIc763KFi2SWirIojw8HbQOOO7u/Wcr59ObjoxzXHSqUdm:SAe6Fi2SWiFjw8HbQOOO7u/Wc19Obj2h

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  a5e15e3e9fc7608ca7d9d92eb2ac6a4bd776b9b30fc69d05c5e8b5bd9b25389e
- Size
  
  228KB
- MD5
  
  15928c24d495c40e799751557797b7d4
- SHA1
  
  2be4c23ef9bd16e4ef90d07d54989c6d8971d765
- SHA256
  
  a5e15e3e9fc7608ca7d9d92eb2ac6a4bd776b9b30fc69d05c5e8b5bd9b25389e
- SHA512
  
  daa050fbfefbd53a7c1d9100c8dbbb58dbfb08b3151109fc29786ca82e003e2883e7093756d87127d9ec9c59844b1ed66e55ab34eb27b565f7c94c2f4ef1d4c8
- SSDEEP
  
  6144:EtbbiIc763KFi2SWirIojw8HbQOOO7u/Wcr59ObjoxzXHSqUdm:SAe6Fi2SWiFjw8HbQOOO7u/Wc19Obj2h
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2