bc3a39e83ea5fafc11dc1cd122ff54610c482b404ae96be102daf8606ec41460 | Triage

Sharing

General

Target

0dfb4cb3d21e241c2c1c0ec1e9cfdf8b
Size

570KB
Sample

231230-errccacgg5
MD5

0dfb4cb3d21e241c2c1c0ec1e9cfdf8b
SHA1

2e3e97263ce39db01c97aa8c3b41f6daf437c59f
SHA256

bc3a39e83ea5fafc11dc1cd122ff54610c482b404ae96be102daf8606ec41460
SHA512

8b2d247a0609a8adc197c8efc665815b017de7f1b22d58e7443a3f96f75120864cd549ff15e3de31d99fce19678213b0bd0fe46537669faf30f16aee5ecde2c0
SSDEEP

12288:BR0W1K3DnsxsbKKPjZNuSIw7uBflYN0ThoVLCNMRQ3MATMOqHpklS:n0W4DsxsbzcflYN0S1CSQ3lTMTHpL

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  0dfb4cb3d21e241c2c1c0ec1e9cfdf8b
- Size
  
  570KB
- MD5
  
  0dfb4cb3d21e241c2c1c0ec1e9cfdf8b
- SHA1
  
  2e3e97263ce39db01c97aa8c3b41f6daf437c59f
- SHA256
  
  bc3a39e83ea5fafc11dc1cd122ff54610c482b404ae96be102daf8606ec41460
- SHA512
  
  8b2d247a0609a8adc197c8efc665815b017de7f1b22d58e7443a3f96f75120864cd549ff15e3de31d99fce19678213b0bd0fe46537669faf30f16aee5ecde2c0
- SSDEEP
  
  12288:BR0W1K3DnsxsbKKPjZNuSIw7uBflYN0ThoVLCNMRQ3MATMOqHpklS:n0W4DsxsbzcflYN0S1CSQ3lTMTHpL
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2