2b3309edbf22de898d3fbde8a7f6416abd99b31c364680a32e498d23512f1cac | Triage

Sharing

General

Target

2b3309edbf22de898d3fbde8a7f6416abd99b31c364680a32e498d23512f1cac
Size

937KB
Sample

230923-ktjm6sea8y
MD5

c8623f56dfdb8ceb9460bc79455d1d08
SHA1

e3d3aae075500a7df8f2839bacd71ada439e6019
SHA256

2b3309edbf22de898d3fbde8a7f6416abd99b31c364680a32e498d23512f1cac
SHA512

ab279008eae49c785652b8681283fe297b21fb3941cacf6e089c0b7938fcc4b95bc17c9c0c19c85de77691622b2f081c1a7197155155f15cc271ab4aeda6f1a4
SSDEEP

24576:QyYDf/wwZWaggWTNrJeXs1wCGeWWJpdUpt:XgS9gWJrJeXsmCGGJ8p

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2b3309edbf22de898d3fbde8a7f6416abd99b31c364680a32e498d23512f1cac
- Size
  
  937KB
- MD5
  
  c8623f56dfdb8ceb9460bc79455d1d08
- SHA1
  
  e3d3aae075500a7df8f2839bacd71ada439e6019
- SHA256
  
  2b3309edbf22de898d3fbde8a7f6416abd99b31c364680a32e498d23512f1cac
- SHA512
  
  ab279008eae49c785652b8681283fe297b21fb3941cacf6e089c0b7938fcc4b95bc17c9c0c19c85de77691622b2f081c1a7197155155f15cc271ab4aeda6f1a4
- SSDEEP
  
  24576:QyYDf/wwZWaggWTNrJeXs1wCGeWWJpdUpt:XgS9gWJrJeXsmCGGJ8p
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1