ef62a9245b503fd759e9d4c6f4edd3be1cc3cde1353373c1a3383244a8e883b6 | Triage

Sharing

General

Target

ef62a9245b503fd759e9d4c6f4edd3be1cc3cde1353373c1a3383244a8e883b6
Size

4.4MB
Sample

230301-hwwz6sfb28
MD5

14818b3e36777c8720774fa0f379b91d
SHA1

2025e5bf2f39d4c50af472be033c20922568a11c
SHA256

ef62a9245b503fd759e9d4c6f4edd3be1cc3cde1353373c1a3383244a8e883b6
SHA512

413b6293f0cac52b2496604f30ace19600d730e3ec45f9d4c898ad89e78ed9be37a8c18188242b34f1d0cf3e779a09fdffd60c925e52ac4eaadeafaaa2f05758
SSDEEP

98304:b46m3lOTN+F/VmxNhHQ849d15jLWdWyYC2yOMnIcDC:b46lN+ZVmxNhk1FWjYVPMnId

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ef62a9245b503fd759e9d4c6f4edd3be1cc3cde1353373c1a3383244a8e883b6
- Size
  
  4.4MB
- MD5
  
  14818b3e36777c8720774fa0f379b91d
- SHA1
  
  2025e5bf2f39d4c50af472be033c20922568a11c
- SHA256
  
  ef62a9245b503fd759e9d4c6f4edd3be1cc3cde1353373c1a3383244a8e883b6
- SHA512
  
  413b6293f0cac52b2496604f30ace19600d730e3ec45f9d4c898ad89e78ed9be37a8c18188242b34f1d0cf3e779a09fdffd60c925e52ac4eaadeafaaa2f05758
- SSDEEP
  
  98304:b46m3lOTN+F/VmxNhHQ849d15jLWdWyYC2yOMnIcDC:b46lN+ZVmxNhk1FWjYVPMnId
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1