832f0e0bfbee83129167535bef4de0fcf1c6973868be611d9a9e3843c2073a9e | Triage

Resubmissions

23-10-2023 22:11

231023-139hysgc91 5

23-10-2023 22:10

231023-13q2lsgc9x 5

23-10-2023 22:08

231023-12jk5sgc8w 5

Sharing

General

Target

Toysoldier.exe
Size

6.7MB
Sample

231023-12jk5sgc8w
MD5

30f085bc02e0f3d3962e778c126d3741
SHA1

5866325bb118257b4d2fe1f1763806ec1b55b052
SHA256

832f0e0bfbee83129167535bef4de0fcf1c6973868be611d9a9e3843c2073a9e
SHA512

88d5c08e3dd385a20ec38c25610eaf1f4cdde5336f796fe0f3c4d6c301c6652210a3c27632e24e92d5f0b8acfc81b91ba21fdd761e3fc2331e439d93839e0f43
SSDEEP

98304:eCmGTzpfWVykI5gHxXHat5eEka5TCcFTjcTEQtGx7AqSdWSX+6:eCmGTVuVjnZaveEka53jX9AhoI+

Score

5^/10

Malware Config

Targets

- Target
  
  Toysoldier.exe
- Size
  
  6.7MB
- MD5
  
  30f085bc02e0f3d3962e778c126d3741
- SHA1
  
  5866325bb118257b4d2fe1f1763806ec1b55b052
- SHA256
  
  832f0e0bfbee83129167535bef4de0fcf1c6973868be611d9a9e3843c2073a9e
- SHA512
  
  88d5c08e3dd385a20ec38c25610eaf1f4cdde5336f796fe0f3c4d6c301c6652210a3c27632e24e92d5f0b8acfc81b91ba21fdd761e3fc2331e439d93839e0f43
- SSDEEP
  
  98304:eCmGTzpfWVykI5gHxXHat5eEka5TCcFTjcTEQtGx7AqSdWSX+6:eCmGTVuVjnZaveEka53jX9AhoI+
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2