gh0strat | 153e2cdc339fe42c47159b5e574f60f599e019ec42f0d98a529bfba96cf168c7 | Triage

Sharing

General

Target

153e2cdc339fe42c47159b5e574f60f599e019ec42f0d98a529bfba96cf168c7
Size

180KB
Sample

230824-d8dbdabc6w
MD5

eaff6ef08156466b19628f81155d8ac8
SHA1

5dbbacc8db924eb72088d4a9956107f5fe773b74
SHA256

153e2cdc339fe42c47159b5e574f60f599e019ec42f0d98a529bfba96cf168c7
SHA512

7c4554ba68a49035b9c3eba81c15aff871d67091db4a6e96cfd4295ace11c186c4db1f5f5a74d80d356b15b2f8b1fe213c66e9de4c9fe0324c3c3b3147630ee3
SSDEEP

3072:R3V/I9QUy96czF3DGdCqflmb3yptTBfJsgMFwWyuW:R3mWUN2RDsCqNmbCptTBhsg+3W

Score

10^/10

gh0strat persistence

Malware Config

Targets

- Target
  
  153e2cdc339fe42c47159b5e574f60f599e019ec42f0d98a529bfba96cf168c7
- Size
  
  180KB
- MD5
  
  eaff6ef08156466b19628f81155d8ac8
- SHA1
  
  5dbbacc8db924eb72088d4a9956107f5fe773b74
- SHA256
  
  153e2cdc339fe42c47159b5e574f60f599e019ec42f0d98a529bfba96cf168c7
- SHA512
  
  7c4554ba68a49035b9c3eba81c15aff871d67091db4a6e96cfd4295ace11c186c4db1f5f5a74d80d356b15b2f8b1fe213c66e9de4c9fe0324c3c3b3147630ee3
- SSDEEP
  
  3072:R3V/I9QUy96czF3DGdCqflmb3yptTBfJsgMFwWyuW:R3mWUN2RDsCqNmbCptTBhsg+3W
Score

8^/10

persistence
- Blocklisted process makes network request
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2