fa4e871559819f4da3fc949b3722fd4d1ac5d51cfa66519cdb7f818bbd4568e5 | Triage

Sharing

General

Target

1d6fd2c21a555c19b244809b66e16711
Size

160KB
Sample

231230-1lv91aeebj
MD5

1d6fd2c21a555c19b244809b66e16711
SHA1

1595476bfb22a1b899254201af7c8437be874746
SHA256

fa4e871559819f4da3fc949b3722fd4d1ac5d51cfa66519cdb7f818bbd4568e5
SHA512

aa67fadb97ac90b8e03f53d748a1b15ee84625bc1b9738dae3fbbc6547a87c54755741af2f0a73b7ae005ed97422ac3d077b74c1fb32b27ee880db8365579b94
SSDEEP

3072:YTbuhFW5DEFXfi6oyg706SwG+7LYDnlpp+y7Nw5+BUjW5Qib:Y38WkKAgQ6SwG9DlCx+GjWi+

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1d6fd2c21a555c19b244809b66e16711
- Size
  
  160KB
- MD5
  
  1d6fd2c21a555c19b244809b66e16711
- SHA1
  
  1595476bfb22a1b899254201af7c8437be874746
- SHA256
  
  fa4e871559819f4da3fc949b3722fd4d1ac5d51cfa66519cdb7f818bbd4568e5
- SHA512
  
  aa67fadb97ac90b8e03f53d748a1b15ee84625bc1b9738dae3fbbc6547a87c54755741af2f0a73b7ae005ed97422ac3d077b74c1fb32b27ee880db8365579b94
- SSDEEP
  
  3072:YTbuhFW5DEFXfi6oyg706SwG+7LYDnlpp+y7Nw5+BUjW5Qib:Y38WkKAgQ6SwG9DlCx+GjWi+
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2