edb18b895a86d590563e4ddd40ae6e0024c2bf15f4f3715e6f5af1b2af9447ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edb18b895a86d590563e4ddd40ae6e0024c2bf15f4f3715e6f5af1b2af9447ce
Size

1.2MB
Sample

231009-qtcshsfc28
MD5

8e39c2c1ccfaef165eaaf7e52662a4a9
SHA1

53514ae5ae9b89068d8eb8e9c6aa0f2ee2625f60
SHA256

edb18b895a86d590563e4ddd40ae6e0024c2bf15f4f3715e6f5af1b2af9447ce
SHA512

3a555c0d94038695b3a1630506217fe9f277e874926f33d4788b395e8aa713059f0b610b154414efb22b146f2d7c1679b15114da82e22d0952c16683257e4a8e
SSDEEP

24576:YyMUEhSDFosx16D+UFQQ8gqVN4UxXNNi6JmF2R4kbRkonJ6DU0C:fMUEIDFhL6D+8MgajU6JmahKdU0

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  edb18b895a86d590563e4ddd40ae6e0024c2bf15f4f3715e6f5af1b2af9447ce
- Size
  
  1.2MB
- MD5
  
  8e39c2c1ccfaef165eaaf7e52662a4a9
- SHA1
  
  53514ae5ae9b89068d8eb8e9c6aa0f2ee2625f60
- SHA256
  
  edb18b895a86d590563e4ddd40ae6e0024c2bf15f4f3715e6f5af1b2af9447ce
- SHA512
  
  3a555c0d94038695b3a1630506217fe9f277e874926f33d4788b395e8aa713059f0b610b154414efb22b146f2d7c1679b15114da82e22d0952c16683257e4a8e
- SSDEEP
  
  24576:YyMUEhSDFosx16D+UFQQ8gqVN4UxXNNi6JmF2R4kbRkonJ6DU0C:fMUEIDFhL6D+8MgajU6JmahKdU0
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1