9034412d40ceeceb4771bd74e010e1782435d3de800a5fc8544bddedf28d0e18 | Triage

Sharing

General

Target

26ab4c648f8df6859ae4b4efc9ce0c53
Size

136KB
Sample

231225-r4z68sbgam
MD5

26ab4c648f8df6859ae4b4efc9ce0c53
SHA1

280cc2b7ae048eedf835a0da7f52994aa964c739
SHA256

9034412d40ceeceb4771bd74e010e1782435d3de800a5fc8544bddedf28d0e18
SHA512

29cee52de61d53c17d5115d5b066ca1e4fff7593d1f90bf0e7339197c4c59861bea9c6c255dfe0f354e32213376bf545aa3cf2a4183061d2a80dae3115a20808
SSDEEP

3072:gZbQawG5CLy8M0jYxByGobQtK8bu9yAAGkICaudkC:gNKg0jY7ob+butujdt

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  26ab4c648f8df6859ae4b4efc9ce0c53
- Size
  
  136KB
- MD5
  
  26ab4c648f8df6859ae4b4efc9ce0c53
- SHA1
  
  280cc2b7ae048eedf835a0da7f52994aa964c739
- SHA256
  
  9034412d40ceeceb4771bd74e010e1782435d3de800a5fc8544bddedf28d0e18
- SHA512
  
  29cee52de61d53c17d5115d5b066ca1e4fff7593d1f90bf0e7339197c4c59861bea9c6c255dfe0f354e32213376bf545aa3cf2a4183061d2a80dae3115a20808
- SSDEEP
  
  3072:gZbQawG5CLy8M0jYxByGobQtK8bu9yAAGkICaudkC:gNKg0jY7ob+butujdt
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2