d0663ff76310a45dfb096d76beaa7d5b192ae26f5c7bc99abb7b2895ca01bbed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0663ff76310a45dfb096d76beaa7d5b192ae26f5c7bc99abb7b2895ca01bbed
Size

4.4MB
Sample

230302-wrx9bsdg2x
MD5

23056c2d3884b5635d22e00e7d3d7015
SHA1

0ad2c17637263ba29839c38434d5a7eed94e0a5e
SHA256

d0663ff76310a45dfb096d76beaa7d5b192ae26f5c7bc99abb7b2895ca01bbed
SHA512

9a4c2e89f8387fbf823679620a8cbd29a919e779d8a7c9fbd07081459a7fd3395b1ccbdf5dbcee9e35298ccaba304fd114ad3ee1a73c98f12ab923551b52a211
SSDEEP

98304:4c31RBC96etJeZ3G9LWme1lZW03xLiSJOIQMEy8PyEpzVQa/H1YMlJ:5/+64JeBILWmeLw03dRJpP8PHb/HNJ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  d0663ff76310a45dfb096d76beaa7d5b192ae26f5c7bc99abb7b2895ca01bbed
- Size
  
  4.4MB
- MD5
  
  23056c2d3884b5635d22e00e7d3d7015
- SHA1
  
  0ad2c17637263ba29839c38434d5a7eed94e0a5e
- SHA256
  
  d0663ff76310a45dfb096d76beaa7d5b192ae26f5c7bc99abb7b2895ca01bbed
- SHA512
  
  9a4c2e89f8387fbf823679620a8cbd29a919e779d8a7c9fbd07081459a7fd3395b1ccbdf5dbcee9e35298ccaba304fd114ad3ee1a73c98f12ab923551b52a211
- SSDEEP
  
  98304:4c31RBC96etJeZ3G9LWme1lZW03xLiSJOIQMEy8PyEpzVQa/H1YMlJ:5/+64JeBILWmeLw03dRJpP8PHb/HNJ
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1