1b9b25b0f728c7db7a34e5905b7ddfc2009e42d18a556ace9001c0b34126c749 | Triage

Sharing

General

Target

1b9b25b0f728c7db7a34e5905b7ddfc2009e42d18a556ace9001c0b34126c749
Size

4.4MB
Sample

230301-pl6j7agb54
MD5

241809f7b770e624af435d3b8204499e
SHA1

508c36776e60fd8a5a6569effdee98c2635063f1
SHA256

1b9b25b0f728c7db7a34e5905b7ddfc2009e42d18a556ace9001c0b34126c749
SHA512

452bac8bd79b868e2715296abf021630f89ea58f47239e753df1924e5e486e355e66837daab69eec3bfe04697fd05e6d789030e14649f9cef44e08f76bb53a5a
SSDEEP

98304:c46m3lOTN+F/VmxNhHQ849d15jLWdWyYC2yOMnIcDC:c46lN+ZVmxNhk1FWjYVPMnId

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1b9b25b0f728c7db7a34e5905b7ddfc2009e42d18a556ace9001c0b34126c749
- Size
  
  4.4MB
- MD5
  
  241809f7b770e624af435d3b8204499e
- SHA1
  
  508c36776e60fd8a5a6569effdee98c2635063f1
- SHA256
  
  1b9b25b0f728c7db7a34e5905b7ddfc2009e42d18a556ace9001c0b34126c749
- SHA512
  
  452bac8bd79b868e2715296abf021630f89ea58f47239e753df1924e5e486e355e66837daab69eec3bfe04697fd05e6d789030e14649f9cef44e08f76bb53a5a
- SSDEEP
  
  98304:c46m3lOTN+F/VmxNhHQ849d15jLWdWyYC2yOMnIcDC:c46lN+ZVmxNhk1FWjYVPMnId
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1