e6fd7760bbb2aa44d80f307a27ae43bc4be31a74e83eb6777da21815fdfc9b4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26d52a9c446ce22171b6e5ce981a14a7
Size

38KB
Sample

231225-r6gsnscadk
MD5

26d52a9c446ce22171b6e5ce981a14a7
SHA1

2cec72af96abc1931592fd5541d8d907405efd06
SHA256

e6fd7760bbb2aa44d80f307a27ae43bc4be31a74e83eb6777da21815fdfc9b4f
SHA512

a47ef4ee337d612a634ccd750ed444da1eb4c24468971d73dc2a987947870e44b1a209c32916dd540769b5850799d30495cc12f614547ce39a20d633b50a1126
SSDEEP

768:3NgNqp9z3TSSL7NXaKJjLMBbZbY5wW6VHMBIcGA+sbMF2aVVgM:dgNqnz3TSSLRzPobZswlV4KIMF2AV

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  26d52a9c446ce22171b6e5ce981a14a7
- Size
  
  38KB
- MD5
  
  26d52a9c446ce22171b6e5ce981a14a7
- SHA1
  
  2cec72af96abc1931592fd5541d8d907405efd06
- SHA256
  
  e6fd7760bbb2aa44d80f307a27ae43bc4be31a74e83eb6777da21815fdfc9b4f
- SHA512
  
  a47ef4ee337d612a634ccd750ed444da1eb4c24468971d73dc2a987947870e44b1a209c32916dd540769b5850799d30495cc12f614547ce39a20d633b50a1126
- SSDEEP
  
  768:3NgNqp9z3TSSL7NXaKJjLMBbZbY5wW6VHMBIcGA+sbMF2aVVgM:dgNqnz3TSSLRzPobZswlV4KIMF2AV
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2