c6f700253c650e6595b8c8aad96d8907e90e3d82b6d6881aa713c2fb92d28ed2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

295e3870060c440669699e92475b2498
Size

20KB
Sample

231225-swk8sagecq
MD5

295e3870060c440669699e92475b2498
SHA1

4fc3896f03adec73d15cf6edfc6d9379cdd63fce
SHA256

c6f700253c650e6595b8c8aad96d8907e90e3d82b6d6881aa713c2fb92d28ed2
SHA512

830ea9bc6f03890424d061ab480cf2ff65e0fce040be9a386c01a92d4801c804e4f21c5df9e74259e8d589508cc81add0238d8be7ac85034366802ff6a1a3d73
SSDEEP

192:xU7lH4WHwya5pKLbdmLkiG7zZFkiG17a7RjZ1wTQyGrx5eT/nEucZs:xkqWHda5pKHsLPG7dFNoSkTVGr1P

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  295e3870060c440669699e92475b2498
- Size
  
  20KB
- MD5
  
  295e3870060c440669699e92475b2498
- SHA1
  
  4fc3896f03adec73d15cf6edfc6d9379cdd63fce
- SHA256
  
  c6f700253c650e6595b8c8aad96d8907e90e3d82b6d6881aa713c2fb92d28ed2
- SHA512
  
  830ea9bc6f03890424d061ab480cf2ff65e0fce040be9a386c01a92d4801c804e4f21c5df9e74259e8d589508cc81add0238d8be7ac85034366802ff6a1a3d73
- SSDEEP
  
  192:xU7lH4WHwya5pKLbdmLkiG7zZFkiG17a7RjZ1wTQyGrx5eT/nEucZs:xkqWHda5pKHsLPG7dFNoSkTVGr1P
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2