04b2b51d3eddec7376bfd799cfb9a6ea3f4b485f3ff477cdf681ad72b7632499 | Triage

Resubmissions

12-09-2023 00:48

230912-a5y7wscc51 6

15-06-2023 04:47

230615-fen7wsef69 6

Sharing

General

Target

04b2b51d3eddec7376bfd799cfb9a6ea3f4b485f3ff477cdf681ad72b7632499
Size

924KB
Sample

230912-a5y7wscc51
MD5

3a362db9ebf2be5424271c43c7a97046
SHA1

a9a5e0e795b54660ac6b589ac3a70677cbaa20b9
SHA256

04b2b51d3eddec7376bfd799cfb9a6ea3f4b485f3ff477cdf681ad72b7632499
SHA512

3ef8bf0af862ba4761a1c1f9caa59072b11c8cdc2674599c2809d0f7edf86164af8def205cbd6e6dc121953e399ff5364305100e9e5a031bc62abdac4085f500
SSDEEP

6144:kJ2aHW41GyDzg4vRktdv8M4wx1ZTZ0AOcWvBYa:k/HbdzxvRktEiCY

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  04b2b51d3eddec7376bfd799cfb9a6ea3f4b485f3ff477cdf681ad72b7632499
- Size
  
  924KB
- MD5
  
  3a362db9ebf2be5424271c43c7a97046
- SHA1
  
  a9a5e0e795b54660ac6b589ac3a70677cbaa20b9
- SHA256
  
  04b2b51d3eddec7376bfd799cfb9a6ea3f4b485f3ff477cdf681ad72b7632499
- SHA512
  
  3ef8bf0af862ba4761a1c1f9caa59072b11c8cdc2674599c2809d0f7edf86164af8def205cbd6e6dc121953e399ff5364305100e9e5a031bc62abdac4085f500
- SSDEEP
  
  6144:kJ2aHW41GyDzg4vRktdv8M4wx1ZTZ0AOcWvBYa:k/HbdzxvRktEiCY
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2