dfd8492d0904608a5b3907d7234a3a581326a09bc7e8a1f3c598490dffa96482 | Triage

Sharing

General

Target

020a3e7a5ef5a737703d956dbea15f87
Size

44KB
Sample

231229-yds4kageb6
MD5

020a3e7a5ef5a737703d956dbea15f87
SHA1

19ed18bcfba64123a181c41668e4b5344b59e346
SHA256

dfd8492d0904608a5b3907d7234a3a581326a09bc7e8a1f3c598490dffa96482
SHA512

2d859cbe1a0680885b7b1f4bc01aba0a2d545673d3c6e13f52f10261889c715ca99f48a4e12af54615deb4e56a7de7570409c43fb794d3ba47ab387d6b69b26f
SSDEEP

768:CPXXwC7mhYq8E8hmqbpalX4unK2naay2T2gpp5zko2t0XBTNaY27n:CIC7mhYq8Kq4BvnaayaFpp5SQTT27n

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  020a3e7a5ef5a737703d956dbea15f87
- Size
  
  44KB
- MD5
  
  020a3e7a5ef5a737703d956dbea15f87
- SHA1
  
  19ed18bcfba64123a181c41668e4b5344b59e346
- SHA256
  
  dfd8492d0904608a5b3907d7234a3a581326a09bc7e8a1f3c598490dffa96482
- SHA512
  
  2d859cbe1a0680885b7b1f4bc01aba0a2d545673d3c6e13f52f10261889c715ca99f48a4e12af54615deb4e56a7de7570409c43fb794d3ba47ab387d6b69b26f
- SSDEEP
  
  768:CPXXwC7mhYq8E8hmqbpalX4unK2naay2T2gpp5zko2t0XBTNaY27n:CIC7mhYq8Kq4BvnaayaFpp5SQTT27n
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2