d45490551ceb2c224bcd8cb3cb67d98fff4261b6e2d72cc57ee9b0a3f0301bdf | Triage

Sharing

General

Target

d45490551ceb2c224bcd8cb3cb67d98fff4261b6e2d72cc57ee9b0a3f0301bdf
Size

1.1MB
Sample

231003-bs6a4sfe5v
MD5

f82128954c77f92646dd8f4ff99c6bb4
SHA1

91e72332ba474f1b5bfb11337b6eef666d6b0521
SHA256

d45490551ceb2c224bcd8cb3cb67d98fff4261b6e2d72cc57ee9b0a3f0301bdf
SHA512

cfaa8561b2e7eb29985718bba0b97b24439345633bee9a98e3cb6df32142317eba6d810590ff8c9165510204627ead9b36345d9440a5de4c575a75f6c558c988
SSDEEP

24576:ryG6Gjmg7UZDMjjJzyY7xGiY2mM8Z7QgNftdzD57:epcaYjJX7IZxH/5

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  d45490551ceb2c224bcd8cb3cb67d98fff4261b6e2d72cc57ee9b0a3f0301bdf
- Size
  
  1.1MB
- MD5
  
  f82128954c77f92646dd8f4ff99c6bb4
- SHA1
  
  91e72332ba474f1b5bfb11337b6eef666d6b0521
- SHA256
  
  d45490551ceb2c224bcd8cb3cb67d98fff4261b6e2d72cc57ee9b0a3f0301bdf
- SHA512
  
  cfaa8561b2e7eb29985718bba0b97b24439345633bee9a98e3cb6df32142317eba6d810590ff8c9165510204627ead9b36345d9440a5de4c575a75f6c558c988
- SSDEEP
  
  24576:ryG6Gjmg7UZDMjjJzyY7xGiY2mM8Z7QgNftdzD57:epcaYjJX7IZxH/5
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1