ec45629cc96aa954d908e9cb6d13e077d48e78cefbd6e2203638121a5831e43a | Triage

Sharing

General

Target

ec45629cc96aa954d908e9cb6d13e077d48e78cefbd6e2203638121a5831e43a
Size

5.1MB
Sample

230615-2ch4rabd9t
MD5

e5ac420bfad1c5861fda3bd2aae69ced
SHA1

791a6aa5263d0aff88410338a35df29d5a1d2b6d
SHA256

ec45629cc96aa954d908e9cb6d13e077d48e78cefbd6e2203638121a5831e43a
SHA512

0ac9a870c24a21a25a544e08f5e3d2625ddb48f0a6667676fb4b6c7c1de8adccbe0ef7f538e2a27115fa68b4884d5ac11280800476393adebdbdc5fb3df0733e
SSDEEP

98304:hSKUj8IjSDuegAWHWFqLLEWmL2RWOUJHndutMzyOxCDdaX88Zyjva:Hwj5eCDE1LtOUJ9uUy1MXQ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ec45629cc96aa954d908e9cb6d13e077d48e78cefbd6e2203638121a5831e43a
- Size
  
  5.1MB
- MD5
  
  e5ac420bfad1c5861fda3bd2aae69ced
- SHA1
  
  791a6aa5263d0aff88410338a35df29d5a1d2b6d
- SHA256
  
  ec45629cc96aa954d908e9cb6d13e077d48e78cefbd6e2203638121a5831e43a
- SHA512
  
  0ac9a870c24a21a25a544e08f5e3d2625ddb48f0a6667676fb4b6c7c1de8adccbe0ef7f538e2a27115fa68b4884d5ac11280800476393adebdbdc5fb3df0733e
- SSDEEP
  
  98304:hSKUj8IjSDuegAWHWFqLLEWmL2RWOUJHndutMzyOxCDdaX88Zyjva:Hwj5eCDE1LtOUJ9uUy1MXQ
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1