6a91094eafee6fb2a339dd6b01042b4da9b5ed3caded4116ce3e8a7a0ef9892a | Triage

Sharing

General

Target

058de16bf9e393984b5cb216fcf4d3db
Size

770KB
Sample

231224-tw4kssagap
MD5

058de16bf9e393984b5cb216fcf4d3db
SHA1

24c25e3b9d94aa4160c7c9468c74b569b7261412
SHA256

6a91094eafee6fb2a339dd6b01042b4da9b5ed3caded4116ce3e8a7a0ef9892a
SHA512

62bdc85b1cd2cacfc821a742d124333afd66a686cac1aa4865da75400e37af1a1a9aebd4519e7089627532141c7ce33d9fdbd0e9f78431972ce9685605417f09
SSDEEP

24576:G/9Alag7A9aqoPS0lCT8t+jN7Cw6IDL9:G/+lag7A9aqMCT/Rew6IDL

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  058de16bf9e393984b5cb216fcf4d3db
- Size
  
  770KB
- MD5
  
  058de16bf9e393984b5cb216fcf4d3db
- SHA1
  
  24c25e3b9d94aa4160c7c9468c74b569b7261412
- SHA256
  
  6a91094eafee6fb2a339dd6b01042b4da9b5ed3caded4116ce3e8a7a0ef9892a
- SHA512
  
  62bdc85b1cd2cacfc821a742d124333afd66a686cac1aa4865da75400e37af1a1a9aebd4519e7089627532141c7ce33d9fdbd0e9f78431972ce9685605417f09
- SSDEEP
  
  24576:G/9Alag7A9aqoPS0lCT8t+jN7Cw6IDL9:G/+lag7A9aqMCT/Rew6IDL
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2