4fdae5266a87b4570e8e9c94bfcc3b20a791d9213d248c925ba8fbb4536f9306 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

791846c1358280cec00e9e5fc6187456
Size

377KB
Sample

231226-sydayseee5
MD5

791846c1358280cec00e9e5fc6187456
SHA1

03c50685b9c3be2a25f8d3872955a80f05b60144
SHA256

4fdae5266a87b4570e8e9c94bfcc3b20a791d9213d248c925ba8fbb4536f9306
SHA512

be19c3cc9bb4f2975d7a298a0222e2fac0873b00fb15cdb8e972075bc4c95b0c91b9b5bd883fae84c981d87fafa262a59c2879d4739a1b4c73e81833d69deb94
SSDEEP

6144:xOE7y4hS0tw2jKCAJ3RgPotE9gdMxJoZW3mRNYzKRSkJpuuuuuuuuuuuuuuuuuu1:24o0OU8EgJd8JONuopuuuuuuuuuuuuuC

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  791846c1358280cec00e9e5fc6187456
- Size
  
  377KB
- MD5
  
  791846c1358280cec00e9e5fc6187456
- SHA1
  
  03c50685b9c3be2a25f8d3872955a80f05b60144
- SHA256
  
  4fdae5266a87b4570e8e9c94bfcc3b20a791d9213d248c925ba8fbb4536f9306
- SHA512
  
  be19c3cc9bb4f2975d7a298a0222e2fac0873b00fb15cdb8e972075bc4c95b0c91b9b5bd883fae84c981d87fafa262a59c2879d4739a1b4c73e81833d69deb94
- SSDEEP
  
  6144:xOE7y4hS0tw2jKCAJ3RgPotE9gdMxJoZW3mRNYzKRSkJpuuuuuuuuuuuuuuuuuu1:24o0OU8EgJd8JONuopuuuuuuuuuuuuuC
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2