47ecde2179ec33a1f9aedd0df31a093efc395e02a5491f67da09943b6509b470 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a4dfde948ad7ec8a97ff5a80fba2fae
Size

369KB
Sample

231225-yw3qqahce2
MD5

3a4dfde948ad7ec8a97ff5a80fba2fae
SHA1

a5ecb91b8396a7fa7099eab51e9c1840d0585dee
SHA256

47ecde2179ec33a1f9aedd0df31a093efc395e02a5491f67da09943b6509b470
SHA512

f0fae067675f8f0bcf8521a40f564e3b26089dccbb1784476872af834a397e08fbebe94500b42b3ccf3ae771f0286c9ada74d69aeb46c9dd793e003fda470330
SSDEEP

6144:7Drk+NyRaIjsQAxdOqkgNQ5juco9LvM13WgIUiIBCKTusSzc+b0lQ6QF7QsNl3:7sCU4QAxd9N7613Wgslfc+bQy

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3a4dfde948ad7ec8a97ff5a80fba2fae
- Size
  
  369KB
- MD5
  
  3a4dfde948ad7ec8a97ff5a80fba2fae
- SHA1
  
  a5ecb91b8396a7fa7099eab51e9c1840d0585dee
- SHA256
  
  47ecde2179ec33a1f9aedd0df31a093efc395e02a5491f67da09943b6509b470
- SHA512
  
  f0fae067675f8f0bcf8521a40f564e3b26089dccbb1784476872af834a397e08fbebe94500b42b3ccf3ae771f0286c9ada74d69aeb46c9dd793e003fda470330
- SSDEEP
  
  6144:7Drk+NyRaIjsQAxdOqkgNQ5juco9LvM13WgIUiIBCKTusSzc+b0lQ6QF7QsNl3:7sCU4QAxd9N7613Wgslfc+bQy
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2