7cf1618fd78706bdeb2e7013fb547cb3cfa0ed0f7983c0e88e7bd5901f11800b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f5eedcf86b920f00e85e961f5f73599
Size

277KB
Sample

231225-16e4hsagf6
MD5

3f5eedcf86b920f00e85e961f5f73599
SHA1

77207678ecd35754b8b1ad8572d6cc3517846499
SHA256

7cf1618fd78706bdeb2e7013fb547cb3cfa0ed0f7983c0e88e7bd5901f11800b
SHA512

be6d28bda9d5ddea8486c6dfff6ab64ac37ac11cda2db0f382700ff75731aa8fc34a3cf79674356bdc013f3c8203aeef3842c75b88c613ce9a22dd82b52d479c
SSDEEP

6144:nJ4bYG6rzysDrwsSSYpkrD77q3UwQi7bQCAEzo:nJonTkrwsSSYmn77OUZi7kCTo

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3f5eedcf86b920f00e85e961f5f73599
- Size
  
  277KB
- MD5
  
  3f5eedcf86b920f00e85e961f5f73599
- SHA1
  
  77207678ecd35754b8b1ad8572d6cc3517846499
- SHA256
  
  7cf1618fd78706bdeb2e7013fb547cb3cfa0ed0f7983c0e88e7bd5901f11800b
- SHA512
  
  be6d28bda9d5ddea8486c6dfff6ab64ac37ac11cda2db0f382700ff75731aa8fc34a3cf79674356bdc013f3c8203aeef3842c75b88c613ce9a22dd82b52d479c
- SSDEEP
  
  6144:nJ4bYG6rzysDrwsSSYpkrD77q3UwQi7bQCAEzo:nJonTkrwsSSYmn77OUZi7kCTo
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2