d63d7767c248b2948e6dd54b22fca341471174e4735a8cf38f499361c595f3bf | Triage

Sharing

General

Target

fd1e5405f110f738ec51eb89c01c9e1a
Size

1.8MB
Sample

231228-2g8j7sfbcn
MD5

fd1e5405f110f738ec51eb89c01c9e1a
SHA1

c854dc1265bea5ba13ced95474f6247c8440b45a
SHA256

d63d7767c248b2948e6dd54b22fca341471174e4735a8cf38f499361c595f3bf
SHA512

d79d498176ffd44191ab9b3103922bfa2eeefad76f8e4cccacfbd7d5abdc71181e6b4febecdb82e8111a9fddb70b0ad90085d5353f8181794a2bd1e826356bd1
SSDEEP

24576:A0VUIfGpCNImJJtAv62p3Kvj8Opwnbw7EJj:A8fGpCNIWAv9kvtpU5Jj

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  fd1e5405f110f738ec51eb89c01c9e1a
- Size
  
  1.8MB
- MD5
  
  fd1e5405f110f738ec51eb89c01c9e1a
- SHA1
  
  c854dc1265bea5ba13ced95474f6247c8440b45a
- SHA256
  
  d63d7767c248b2948e6dd54b22fca341471174e4735a8cf38f499361c595f3bf
- SHA512
  
  d79d498176ffd44191ab9b3103922bfa2eeefad76f8e4cccacfbd7d5abdc71181e6b4febecdb82e8111a9fddb70b0ad90085d5353f8181794a2bd1e826356bd1
- SSDEEP
  
  24576:A0VUIfGpCNImJJtAv62p3Kvj8Opwnbw7EJj:A8fGpCNIWAv9kvtpU5Jj
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2