d104644bef2cb054832ca683d47b1a975a4cb82fde249c3f4afc0b36dff2e81a | Triage

Sharing

General

Target

document1.exe.2
Size

400.0MB
Sample

231013-31njtafb71
MD5

910f1487d983f7852948765edb527952
SHA1

481f0fd4ba70f3d8ff0aade90805ed1ecd8d9571
SHA256

d104644bef2cb054832ca683d47b1a975a4cb82fde249c3f4afc0b36dff2e81a
SHA512

5d2071d0652c53413d5ccb8d778fbbc7e73faa19ba7699c474cd684a5e39a0047fa3bbfbba08441e98a2e8c7818c11dd5f6efb7a119fa3d16301279829a1cc9a
SSDEEP

12288:L1llcJM1rRhQTN64LOfJDHBMYyLOCxatsaR:L1llkMvSNzEZhMYSOCxa2G

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  document1.exe.2
- Size
  
  400.0MB
- MD5
  
  910f1487d983f7852948765edb527952
- SHA1
  
  481f0fd4ba70f3d8ff0aade90805ed1ecd8d9571
- SHA256
  
  d104644bef2cb054832ca683d47b1a975a4cb82fde249c3f4afc0b36dff2e81a
- SHA512
  
  5d2071d0652c53413d5ccb8d778fbbc7e73faa19ba7699c474cd684a5e39a0047fa3bbfbba08441e98a2e8c7818c11dd5f6efb7a119fa3d16301279829a1cc9a
- SSDEEP
  
  12288:L1llcJM1rRhQTN64LOfJDHBMYyLOCxatsaR:L1llkMvSNzEZhMYSOCxa2G
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2