a0792d2e1cb4c75b93b4414a02df18cd2efcf93c8b701839f352805846b03dc4 | Triage

Sharing

General

Target

a0792d2e1cb4c75b93b4414a02df18cd2efcf93c8b701839f352805846b03dc4
Size

1.1MB
Sample

231016-dq2w1sde35
MD5

6caef61be87a3fbda6956973cf463a4c
SHA1

2a09667e002cc72fbdc8575f405e1e2e806f5cbe
SHA256

a0792d2e1cb4c75b93b4414a02df18cd2efcf93c8b701839f352805846b03dc4
SHA512

d4935717c0df85c0eb240bd0217de28bab519b3764800ed052f139be4410f6cac30fbb704f220fbabebfee844214d4cf3a910603dd28b6ff590788cd4bb293b3
SSDEEP

24576:Eyvi5t3rLoIx921KwZbsVoXl3mKtFv0llNF+IJ1qnJoo4HLV:Tvi3X21KwZbsVGl3Fv07NIdJh4r

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  a0792d2e1cb4c75b93b4414a02df18cd2efcf93c8b701839f352805846b03dc4
- Size
  
  1.1MB
- MD5
  
  6caef61be87a3fbda6956973cf463a4c
- SHA1
  
  2a09667e002cc72fbdc8575f405e1e2e806f5cbe
- SHA256
  
  a0792d2e1cb4c75b93b4414a02df18cd2efcf93c8b701839f352805846b03dc4
- SHA512
  
  d4935717c0df85c0eb240bd0217de28bab519b3764800ed052f139be4410f6cac30fbb704f220fbabebfee844214d4cf3a910603dd28b6ff590788cd4bb293b3
- SSDEEP
  
  24576:Eyvi5t3rLoIx921KwZbsVoXl3mKtFv0llNF+IJ1qnJoo4HLV:Tvi3X21KwZbsVGl3Fv07NIdJh4r
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1