489b39160cbb5c6a7db928f5ec310f3f9adb944565923648b233e2d86dd49fcc | Triage

Sharing

General

Target

489b39160cbb5c6a7db928f5ec310f3f9adb944565923648b233e2d86dd49fcc
Size

245KB
Sample

221205-2zmepahg4w
MD5

732931d7c6a0b9ecf8add4f1312a3ed9
SHA1

2f1cd3fcf7820783388ac23e7125b4dc8d80d1f9
SHA256

489b39160cbb5c6a7db928f5ec310f3f9adb944565923648b233e2d86dd49fcc
SHA512

727764e1843bd231bc633062464f0cfee44cdd443d3df0df11402ccf831aa8411abe23039d097788f560e2d5beffcec67f23946054edf4da394e082653aee044
SSDEEP

6144:b0HGYUtW8dH7cG+ncI+ScYMnHZFGHItERsmIMpViWqcl:YyW893+nGfGH8DmIH

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  489b39160cbb5c6a7db928f5ec310f3f9adb944565923648b233e2d86dd49fcc
- Size
  
  245KB
- MD5
  
  732931d7c6a0b9ecf8add4f1312a3ed9
- SHA1
  
  2f1cd3fcf7820783388ac23e7125b4dc8d80d1f9
- SHA256
  
  489b39160cbb5c6a7db928f5ec310f3f9adb944565923648b233e2d86dd49fcc
- SHA512
  
  727764e1843bd231bc633062464f0cfee44cdd443d3df0df11402ccf831aa8411abe23039d097788f560e2d5beffcec67f23946054edf4da394e082653aee044
- SSDEEP
  
  6144:b0HGYUtW8dH7cG+ncI+ScYMnHZFGHItERsmIMpViWqcl:YyW893+nGfGH8DmIH
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2