3f1623b828a933cf6417c90fca8c369450eb964a3b0e5d93a9f4a50b75c869f1 | Triage

Sharing

General

Target

08b00ba850ecccea9f9923bccd4b1ec1
Size

138KB
Sample

231230-awv4waaagq
MD5

08b00ba850ecccea9f9923bccd4b1ec1
SHA1

d70f8be3a246bf33f8cf11bf02bb7305b1030b42
SHA256

3f1623b828a933cf6417c90fca8c369450eb964a3b0e5d93a9f4a50b75c869f1
SHA512

804a73d23ec9cc916d673e67571dd946698136f7cc4dbe2122d485301d3e0935d1a8b2207055e39220ce4c6dbddbf290c41e08367b7622b27403b61c620e1d85
SSDEEP

3072:51T792yOsRDHNaS/ckLCersGf9Yk1cJI0cXdEBslP01aQFCWz:51T79LHNPpaGf8IHXdEZ1aQFX

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  08b00ba850ecccea9f9923bccd4b1ec1
- Size
  
  138KB
- MD5
  
  08b00ba850ecccea9f9923bccd4b1ec1
- SHA1
  
  d70f8be3a246bf33f8cf11bf02bb7305b1030b42
- SHA256
  
  3f1623b828a933cf6417c90fca8c369450eb964a3b0e5d93a9f4a50b75c869f1
- SHA512
  
  804a73d23ec9cc916d673e67571dd946698136f7cc4dbe2122d485301d3e0935d1a8b2207055e39220ce4c6dbddbf290c41e08367b7622b27403b61c620e1d85
- SSDEEP
  
  3072:51T792yOsRDHNaS/ckLCersGf9Yk1cJI0cXdEBslP01aQFCWz:51T79LHNPpaGf8IHXdEZ1aQFX
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2