5b210b801613f51262f0d2fcefdb5bfa57515b4b30cdced418eaf54a49c781d9 | Triage

Sharing

General

Target

0c64bc2a1c9496181e79c3aa75445b41
Size

1.7MB
Sample

231230-djkn6abca7
MD5

0c64bc2a1c9496181e79c3aa75445b41
SHA1

80fd654d987bc9dec2fc17e2a505167c7ca55e94
SHA256

5b210b801613f51262f0d2fcefdb5bfa57515b4b30cdced418eaf54a49c781d9
SHA512

7e140679b6fbd15f94773a661ac59f40e2aad9aadce40778ff4d05ad24923d5da578f04561731b7652019a41fcbf41367f3c958cce13ede34ea2fea322eac4a8
SSDEEP

49152:E6Puvkka04IgQcbGoCSw4EDnPiCLM3bhVPaS:8ZVLo2CF3b/

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  0c64bc2a1c9496181e79c3aa75445b41
- Size
  
  1.7MB
- MD5
  
  0c64bc2a1c9496181e79c3aa75445b41
- SHA1
  
  80fd654d987bc9dec2fc17e2a505167c7ca55e94
- SHA256
  
  5b210b801613f51262f0d2fcefdb5bfa57515b4b30cdced418eaf54a49c781d9
- SHA512
  
  7e140679b6fbd15f94773a661ac59f40e2aad9aadce40778ff4d05ad24923d5da578f04561731b7652019a41fcbf41367f3c958cce13ede34ea2fea322eac4a8
- SSDEEP
  
  49152:E6Puvkka04IgQcbGoCSw4EDnPiCLM3bhVPaS:8ZVLo2CF3b/
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2