a7cddaab26425d654855f225afae2271c57fb051352a9754c968b57b5fd6579c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7cddaab26425d654855f225afae2271c57fb051352a9754c968b57b5fd6579c
Size

3.1MB
Sample

230508-feqqqaah2w
MD5

27be4d1930a01d4a3ddebaa0d179116b
SHA1

75b6c25584a4e34a926b6c3f5c64aa6975589a4c
SHA256

a7cddaab26425d654855f225afae2271c57fb051352a9754c968b57b5fd6579c
SHA512

1bfa07870d67303712962954919b620114c47a6422a48b236f0f29dcb2af5a903d44d0e1233dd26c0797efac505bc5c5868e6e82acda94f674da86014cd70c14
SSDEEP

49152:3NtxIRIBa3qKcZMBD3TFJP1rXdTl5s6j4dcaXD+jC0Ws:3NXIRYa6KBBrFT4dLatW

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  a7cddaab26425d654855f225afae2271c57fb051352a9754c968b57b5fd6579c
- Size
  
  3.1MB
- MD5
  
  27be4d1930a01d4a3ddebaa0d179116b
- SHA1
  
  75b6c25584a4e34a926b6c3f5c64aa6975589a4c
- SHA256
  
  a7cddaab26425d654855f225afae2271c57fb051352a9754c968b57b5fd6579c
- SHA512
  
  1bfa07870d67303712962954919b620114c47a6422a48b236f0f29dcb2af5a903d44d0e1233dd26c0797efac505bc5c5868e6e82acda94f674da86014cd70c14
- SSDEEP
  
  49152:3NtxIRIBa3qKcZMBD3TFJP1rXdTl5s6j4dcaXD+jC0Ws:3NXIRYa6KBBrFT4dLatW
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2