ac6b28cb0fa0fd1e0e5e4398b853842d7a2629a2f117a2eb0b70c1bdc9bca235 | Triage

Sharing

General

Target

XC5me1Dl.exe
Size

763KB
Sample

231030-fn4c6scg55
MD5

971d5e49d9713273073628de4343a109
SHA1

7425592dc829a4013fd85329b7d5e589fb6e6fe3
SHA256

ac6b28cb0fa0fd1e0e5e4398b853842d7a2629a2f117a2eb0b70c1bdc9bca235
SHA512

1b4084dd98a5ae55a59aaf80bc486aabd8bb53e3832ca402ed0aeb9fb1b1313aa2c2e6a893e293c9851ad3f8e7c5e61ac90231b79c9e2eb9883872efdca947db
SSDEEP

12288:pMrky90ZbTJhWrBMZraubTqiLUxCLE3mepmOCT28XFS3IZ0m2PZHpaxjzWds:tyQvWr6ZxTqiLUMLE38h6k7qZgBWm

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  XC5me1Dl.exe
- Size
  
  763KB
- MD5
  
  971d5e49d9713273073628de4343a109
- SHA1
  
  7425592dc829a4013fd85329b7d5e589fb6e6fe3
- SHA256
  
  ac6b28cb0fa0fd1e0e5e4398b853842d7a2629a2f117a2eb0b70c1bdc9bca235
- SHA512
  
  1b4084dd98a5ae55a59aaf80bc486aabd8bb53e3832ca402ed0aeb9fb1b1313aa2c2e6a893e293c9851ad3f8e7c5e61ac90231b79c9e2eb9883872efdca947db
- SSDEEP
  
  12288:pMrky90ZbTJhWrBMZraubTqiLUxCLE3mepmOCT28XFS3IZ0m2PZHpaxjzWds:tyQvWr6ZxTqiLUMLE38h6k7qZgBWm
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2