4f66147faee9d1acff111b4f5fbbecce6cc7b88904d0833d8b889dcec37292b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60a2b034bd55efea03c4852ebb5e0745
Size

207KB
Sample

231226-kl6sqscag8
MD5

60a2b034bd55efea03c4852ebb5e0745
SHA1

8c5c7a6cfaa502578f6cf88fd7daa259abdd63ce
SHA256

4f66147faee9d1acff111b4f5fbbecce6cc7b88904d0833d8b889dcec37292b4
SHA512

214b4a5e38592f1972f77b01039e0bbb5f19ae45e86a5e632b18c3080c54b7dea8d283f05dbf2ee287cf2648932621f023a688ac7fea0116d27a01bfcaae8c6a
SSDEEP

6144:JnQ7NAFT5X/PzviT9OppxVaaldOjiGcgj1Ph:+BAFZ/LO9Opp/xdq9Rp

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  60a2b034bd55efea03c4852ebb5e0745
- Size
  
  207KB
- MD5
  
  60a2b034bd55efea03c4852ebb5e0745
- SHA1
  
  8c5c7a6cfaa502578f6cf88fd7daa259abdd63ce
- SHA256
  
  4f66147faee9d1acff111b4f5fbbecce6cc7b88904d0833d8b889dcec37292b4
- SHA512
  
  214b4a5e38592f1972f77b01039e0bbb5f19ae45e86a5e632b18c3080c54b7dea8d283f05dbf2ee287cf2648932621f023a688ac7fea0116d27a01bfcaae8c6a
- SSDEEP
  
  6144:JnQ7NAFT5X/PzviT9OppxVaaldOjiGcgj1Ph:+BAFZ/LO9Opp/xdq9Rp
Score

8^/10

evasion persistence
- Disables taskbar notifications via registry modification
  evasion
- Modifies Installed Components in the registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2