dcb24b04d4e36b27269c5cd8971167b94587712efc62b04e82f62b0719a64304 | Triage

Sharing

General

Target

f0ef3105a17c7f34aec310f64cbdb865.exe
Size

604KB
Sample

230508-1t79jaeg4t
MD5

f0ef3105a17c7f34aec310f64cbdb865
SHA1

db3638eeb2ba28983d45cad37091dc24703a63be
SHA256

dcb24b04d4e36b27269c5cd8971167b94587712efc62b04e82f62b0719a64304
SHA512

aed1a398fd07c00489221fefa557bec0734e8b1531f92f555767bbbc6b6f477717f03855c57729869405464eab43a4279de24e87a45b469ae7994df7ece81213
SSDEEP

6144:ZdfbCP2DTb+HdtH9Wd1yxBMf0eVCDs2c9kDwK3bLqpnobns+NOYup6yCwMjyh0XL:Z+2j+Hdsy7MfXVqc9w33Hnw6yCVjq0XL

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f0ef3105a17c7f34aec310f64cbdb865.exe
- Size
  
  604KB
- MD5
  
  f0ef3105a17c7f34aec310f64cbdb865
- SHA1
  
  db3638eeb2ba28983d45cad37091dc24703a63be
- SHA256
  
  dcb24b04d4e36b27269c5cd8971167b94587712efc62b04e82f62b0719a64304
- SHA512
  
  aed1a398fd07c00489221fefa557bec0734e8b1531f92f555767bbbc6b6f477717f03855c57729869405464eab43a4279de24e87a45b469ae7994df7ece81213
- SSDEEP
  
  6144:ZdfbCP2DTb+HdtH9Wd1yxBMf0eVCDs2c9kDwK3bLqpnobns+NOYup6yCwMjyh0XL:Z+2j+Hdsy7MfXVqc9w33Hnw6yCVjq0XL
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Program crash
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2