14b152a5d29491e2e9f807fb2c584ffff157aa7cee57fb46af1698020e288e9f | Triage

Sharing

General

Target

14b152a5d29491e2e9f807fb2c584ffff157aa7cee57fb46af1698020e288e9f
Size

10.3MB
Sample

231013-p88m3abg69
MD5

c5ab70c5499479d4cef6e70f4af77430
SHA1

96ecfdfb1e8c15f837420b6a22c3412394d46a77
SHA256

14b152a5d29491e2e9f807fb2c584ffff157aa7cee57fb46af1698020e288e9f
SHA512

08d80bb55bf7631fc7d0b2d0c93da8e500633bbbb8e427f798d305a7111729cad4061a3ce481f17b9e0879ed0ca33c4e4b50f6ab29de05bb12b11567d5d4656a
SSDEEP

196608:BwaTT3qJJD6FCIEHzVE3pOv8mpRobIxpMNcDbImKkE6hpwOYFXpL5w:GaTrqJJDW/ZOv8mpRCorD6kfhpwdFXp+

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  14b152a5d29491e2e9f807fb2c584ffff157aa7cee57fb46af1698020e288e9f
- Size
  
  10.3MB
- MD5
  
  c5ab70c5499479d4cef6e70f4af77430
- SHA1
  
  96ecfdfb1e8c15f837420b6a22c3412394d46a77
- SHA256
  
  14b152a5d29491e2e9f807fb2c584ffff157aa7cee57fb46af1698020e288e9f
- SHA512
  
  08d80bb55bf7631fc7d0b2d0c93da8e500633bbbb8e427f798d305a7111729cad4061a3ce481f17b9e0879ed0ca33c4e4b50f6ab29de05bb12b11567d5d4656a
- SSDEEP
  
  196608:BwaTT3qJJD6FCIEHzVE3pOv8mpRobIxpMNcDbImKkE6hpwOYFXpL5w:GaTrqJJDW/ZOv8mpRCorD6kfhpwdFXp+
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2