75fd33c51d2d1813aeeabc0b3c50b4e14b7909e23ab9c751d9df9fbe6eb0c4ef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f1cd0f74dafe272767c64bbccf6d3e4
Size

44KB
Sample

231226-vnh5kaggd8
MD5

7f1cd0f74dafe272767c64bbccf6d3e4
SHA1

798bc72b24de862250c253e6d6ad0feac406347f
SHA256

75fd33c51d2d1813aeeabc0b3c50b4e14b7909e23ab9c751d9df9fbe6eb0c4ef
SHA512

72f0330c107ac9c184ee7c804e424e3a6db6de686e5e551c57d9098051344bb5b507d3ea975b03426882260c4c320a3fa9194d22db700224d98a09210da20929
SSDEEP

384:CtoFSZ28yYrmvbsPM3hQvtdd5+umc6k8la30/qvgENJpi1zdW1yp:Ct6SZ8YrmTP3hatdnQhkfkS1NXi1zdu

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7f1cd0f74dafe272767c64bbccf6d3e4
- Size
  
  44KB
- MD5
  
  7f1cd0f74dafe272767c64bbccf6d3e4
- SHA1
  
  798bc72b24de862250c253e6d6ad0feac406347f
- SHA256
  
  75fd33c51d2d1813aeeabc0b3c50b4e14b7909e23ab9c751d9df9fbe6eb0c4ef
- SHA512
  
  72f0330c107ac9c184ee7c804e424e3a6db6de686e5e551c57d9098051344bb5b507d3ea975b03426882260c4c320a3fa9194d22db700224d98a09210da20929
- SSDEEP
  
  384:CtoFSZ28yYrmvbsPM3hQvtdd5+umc6k8la30/qvgENJpi1zdW1yp:Ct6SZ8YrmTP3hatdnQhkfkS1NXi1zdu
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Deletes itself
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2