44c8bd65e74bc5e11c7deea39abcf719c7b390c4cec2275fd895f9bc18320743 | Triage

Sharing

General

Target

2a838d92124222fbef7429e324131eba
Size

212KB
Sample

231225-s8qc9saehp
MD5

2a838d92124222fbef7429e324131eba
SHA1

7b4b5682b107b306e71ac45a06977883c659cc53
SHA256

44c8bd65e74bc5e11c7deea39abcf719c7b390c4cec2275fd895f9bc18320743
SHA512

d991be1c72b490c630d1c62112bc1ec7d3fb2176819113c117c44af6f8bc97ba71ed172758b52a88d7b14814c9e994512a2ea2d27faca4e58449c971c399a3d1
SSDEEP

6144:8ZdqqDLl00jGiJjM6Ow1A3f6fmBjFwdmIt+t:8Zgqnl00jN5p1Q6kgmG+

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2a838d92124222fbef7429e324131eba
- Size
  
  212KB
- MD5
  
  2a838d92124222fbef7429e324131eba
- SHA1
  
  7b4b5682b107b306e71ac45a06977883c659cc53
- SHA256
  
  44c8bd65e74bc5e11c7deea39abcf719c7b390c4cec2275fd895f9bc18320743
- SHA512
  
  d991be1c72b490c630d1c62112bc1ec7d3fb2176819113c117c44af6f8bc97ba71ed172758b52a88d7b14814c9e994512a2ea2d27faca4e58449c971c399a3d1
- SSDEEP
  
  6144:8ZdqqDLl00jGiJjM6Ow1A3f6fmBjFwdmIt+t:8Zgqnl00jN5p1Q6kgmG+
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2