3d3a927071c8ef7343a22dc7953fb6e0715bef228f3e697d5ae08b32369ef662 | Triage

Sharing

General

Target

3d3a927071c8ef7343a22dc7953fb6e0715bef228f3e697d5ae08b32369ef662
Size

730KB
Sample

230921-wshv2abg64
MD5

e2df50879196e0ab352881093972734f
SHA1

afde907161ce43ed916f04b7c9fcdb0612059289
SHA256

3d3a927071c8ef7343a22dc7953fb6e0715bef228f3e697d5ae08b32369ef662
SHA512

0bda39d0fdce3a2bc4838102b964c8a766a278005798bc2e1be951aa6e90a0e9de7c701abcb172268310567791258c73fd117e4c2828fe51c9b94cca25757a05
SSDEEP

12288:5Mrdy90/bb9wJq57qpXjqQT1r9PpDN4ng6WJsN8IE0FCRZgQdnfTrp7NAMguti4X:0yWOpdT1r9P/4gSdEmQpfvGuti4nX

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3d3a927071c8ef7343a22dc7953fb6e0715bef228f3e697d5ae08b32369ef662
- Size
  
  730KB
- MD5
  
  e2df50879196e0ab352881093972734f
- SHA1
  
  afde907161ce43ed916f04b7c9fcdb0612059289
- SHA256
  
  3d3a927071c8ef7343a22dc7953fb6e0715bef228f3e697d5ae08b32369ef662
- SHA512
  
  0bda39d0fdce3a2bc4838102b964c8a766a278005798bc2e1be951aa6e90a0e9de7c701abcb172268310567791258c73fd117e4c2828fe51c9b94cca25757a05
- SSDEEP
  
  12288:5Mrdy90/bb9wJq57qpXjqQT1r9PpDN4ng6WJsN8IE0FCRZgQdnfTrp7NAMguti4X:0yWOpdT1r9P/4gSdEmQpfvGuti4nX
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1