17bbf9a7c7d843240fec508e0ee3095aae4fd5d180ec2e80f8f58f9b42c7077f | Triage

Sharing

General

Target

17fdeae424ee8a8c173da81d61214492
Size

275KB
Sample

231225-mrdp9ahba4
MD5

17fdeae424ee8a8c173da81d61214492
SHA1

11cbf760492aa2f8600b960c9fee2370740437c8
SHA256

17bbf9a7c7d843240fec508e0ee3095aae4fd5d180ec2e80f8f58f9b42c7077f
SHA512

4eddcd544f6da5750c7ebdcb62c1640ece6d944046f80ebca6d284bd2ebd813f6d106a426e3e875a5398077afae42776385ee0c5f7b6e726830459c91ab34617
SSDEEP

6144:qvyVyBhl40pPbMHLdL1hALe+2NirdrQdZ5wUKD04N6RE:qvAy14wbMdoLT2NKcfwHNN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  17fdeae424ee8a8c173da81d61214492
- Size
  
  275KB
- MD5
  
  17fdeae424ee8a8c173da81d61214492
- SHA1
  
  11cbf760492aa2f8600b960c9fee2370740437c8
- SHA256
  
  17bbf9a7c7d843240fec508e0ee3095aae4fd5d180ec2e80f8f58f9b42c7077f
- SHA512
  
  4eddcd544f6da5750c7ebdcb62c1640ece6d944046f80ebca6d284bd2ebd813f6d106a426e3e875a5398077afae42776385ee0c5f7b6e726830459c91ab34617
- SSDEEP
  
  6144:qvyVyBhl40pPbMHLdL1hALe+2NirdrQdZ5wUKD04N6RE:qvAy14wbMdoLT2NKcfwHNN
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2