40a18edab89c91c6c457a1c9dd33c3ca3ab97d755ce9af132bfdfd1f2d55c390 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1006f3655838b8b52a03fa21cba87a4e
Size

20KB
Sample

231225-jnnjhafgh4
MD5

1006f3655838b8b52a03fa21cba87a4e
SHA1

027e942d5de031a4a1f52286020db2c19d3f0379
SHA256

40a18edab89c91c6c457a1c9dd33c3ca3ab97d755ce9af132bfdfd1f2d55c390
SHA512

fb51f4e3cec8d01ab8c373e0e3eb105eb92914a964f51bdac0c741b139fb83b32cbe14548b007a83eb22c6b62e2e46fb61b621781cf176983fc661fea189f767
SSDEEP

192:YAiVgBcnIILbU1dWLiXjCxPLsuirxMCgcL6ApyoaivfwM:YjVMIH0dWGOmt52hot

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1006f3655838b8b52a03fa21cba87a4e
- Size
  
  20KB
- MD5
  
  1006f3655838b8b52a03fa21cba87a4e
- SHA1
  
  027e942d5de031a4a1f52286020db2c19d3f0379
- SHA256
  
  40a18edab89c91c6c457a1c9dd33c3ca3ab97d755ce9af132bfdfd1f2d55c390
- SHA512
  
  fb51f4e3cec8d01ab8c373e0e3eb105eb92914a964f51bdac0c741b139fb83b32cbe14548b007a83eb22c6b62e2e46fb61b621781cf176983fc661fea189f767
- SSDEEP
  
  192:YAiVgBcnIILbU1dWLiXjCxPLsuirxMCgcL6ApyoaivfwM:YjVMIH0dWGOmt52hot
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2