e1446654518e6b24ccb9dcac64d3f7b42d5932f8001ebdf529945c21eb4896ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1446654518e6b24ccb9dcac64d3f7b42d5932f8001ebdf529945c21eb4896ed
Size

1.5MB
Sample

231104-l7ndyshg42
MD5

29f6bf4694dcdbdaa456aef63b364596
SHA1

45d22bf140f61076562383e4907c3573d30c02cf
SHA256

e1446654518e6b24ccb9dcac64d3f7b42d5932f8001ebdf529945c21eb4896ed
SHA512

a4c19973f8fb9f7744885161a8e3cfb58afc4c38853ffd4c5cfa9ecb77177fcd2641834e12f9444d3c344faca1a4a616649c158ec664c3678954b1771bc1031d
SSDEEP

24576:/yeNJ6GLgYfVZb0Q6+TBkHQvlOUP9A+GmFi60hBJ0biHfZcDNCmhbKbkp1:KIJ6GEYfVZopqBEwp9AfNHR/Q3BKwp

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e1446654518e6b24ccb9dcac64d3f7b42d5932f8001ebdf529945c21eb4896ed
- Size
  
  1.5MB
- MD5
  
  29f6bf4694dcdbdaa456aef63b364596
- SHA1
  
  45d22bf140f61076562383e4907c3573d30c02cf
- SHA256
  
  e1446654518e6b24ccb9dcac64d3f7b42d5932f8001ebdf529945c21eb4896ed
- SHA512
  
  a4c19973f8fb9f7744885161a8e3cfb58afc4c38853ffd4c5cfa9ecb77177fcd2641834e12f9444d3c344faca1a4a616649c158ec664c3678954b1771bc1031d
- SSDEEP
  
  24576:/yeNJ6GLgYfVZb0Q6+TBkHQvlOUP9A+GmFi60hBJ0biHfZcDNCmhbKbkp1:KIJ6GEYfVZopqBEwp9AfNHR/Q3BKwp
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1