f89c54a410d1de9f9d05217831e651db77627a6d93e95dfeb6d0385fe951555a | Triage

Sharing

General

Target

splenativeDeterminative.SilviculturistGallantry.dll
Size

549KB
Sample

230522-ryr9faha83
MD5

1862a5acea6e4a61b07862e74fb68e14
SHA1

313561041922d23d1149b22f72eecf0149b0f547
SHA256

f89c54a410d1de9f9d05217831e651db77627a6d93e95dfeb6d0385fe951555a
SHA512

90be40eb80c91cb7e63fa6bbf9a18b7cf4931165d60d0f9e42079165998674c04413db4cc1e1c569a33018038b871619c90f43ed125447b84d1c2239bd747db5
SSDEEP

12288:f67mo2xmrRgC9+JiEWpOp9VTOvqUDVKeQQGtTzqz:C7RrRJ9+b6MTTOvqUDbQQb

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  splenativeDeterminative.SilviculturistGallantry.dll
- Size
  
  549KB
- MD5
  
  1862a5acea6e4a61b07862e74fb68e14
- SHA1
  
  313561041922d23d1149b22f72eecf0149b0f547
- SHA256
  
  f89c54a410d1de9f9d05217831e651db77627a6d93e95dfeb6d0385fe951555a
- SHA512
  
  90be40eb80c91cb7e63fa6bbf9a18b7cf4931165d60d0f9e42079165998674c04413db4cc1e1c569a33018038b871619c90f43ed125447b84d1c2239bd747db5
- SSDEEP
  
  12288:f67mo2xmrRgC9+JiEWpOp9VTOvqUDVKeQQGtTzqz:C7RrRJ9+b6MTTOvqUDbQQb
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2