c6eed847f0d3522fbcdfbbc4a7806e6943d9a3fbb3e1cfeb95bd0d87eb776145 | Triage

Sharing

General

Target

3fb01b99289afbb69f94fb5d7895cd44
Size

48KB
Sample

231225-1885dahffk
MD5

3fb01b99289afbb69f94fb5d7895cd44
SHA1

d43882830dc42599c284ffb24d10a88419b793a9
SHA256

c6eed847f0d3522fbcdfbbc4a7806e6943d9a3fbb3e1cfeb95bd0d87eb776145
SHA512

133b1eddf081d66894c4a4a1603a80e8808ecbe31e8953a1208d5c03309ebaa979b11a06874d8dd06f18f2deb26dfd66a6d5eadc7680a7128bbdd8b1015c6e61
SSDEEP

768:to4IuGXkKB/eln6kH2rZc+Ed8k/UM8LWIUFuITZe7E9QFpoINPz87:XGXkKFekLZk/UzLWIUt8I9YSINPK

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3fb01b99289afbb69f94fb5d7895cd44
- Size
  
  48KB
- MD5
  
  3fb01b99289afbb69f94fb5d7895cd44
- SHA1
  
  d43882830dc42599c284ffb24d10a88419b793a9
- SHA256
  
  c6eed847f0d3522fbcdfbbc4a7806e6943d9a3fbb3e1cfeb95bd0d87eb776145
- SHA512
  
  133b1eddf081d66894c4a4a1603a80e8808ecbe31e8953a1208d5c03309ebaa979b11a06874d8dd06f18f2deb26dfd66a6d5eadc7680a7128bbdd8b1015c6e61
- SSDEEP
  
  768:to4IuGXkKB/eln6kH2rZc+Ed8k/UM8LWIUFuITZe7E9QFpoINPz87:XGXkKFekLZk/UzLWIUt8I9YSINPK
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2