4c6f8a2451316c99e6424b0a70a89f6fd3ce3c5a89c32082daeb9356d8e85b6a | Triage

Sharing

General

Target

1165d97fcfc84cf2835b0e1dc200b28d
Size

130KB
Sample

231230-hj451seedk
MD5

1165d97fcfc84cf2835b0e1dc200b28d
SHA1

5d6ad7b394b6f58fec96d3c13da3e1bdbd0a1730
SHA256

4c6f8a2451316c99e6424b0a70a89f6fd3ce3c5a89c32082daeb9356d8e85b6a
SHA512

7c4343855f3675ca1cd3e692368777252b8487193cda87c5a33c52dbd95b228fa69ea6c4cd3d04bf56084db3d3f026459e7a5d39fe7e1f07e99baee0dec5daa4
SSDEEP

3072:PheO/yjnK66FPaA7wiicPNuOdZ+m/LMnvVz:PheO/1A0wihM0+yovN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1165d97fcfc84cf2835b0e1dc200b28d
- Size
  
  130KB
- MD5
  
  1165d97fcfc84cf2835b0e1dc200b28d
- SHA1
  
  5d6ad7b394b6f58fec96d3c13da3e1bdbd0a1730
- SHA256
  
  4c6f8a2451316c99e6424b0a70a89f6fd3ce3c5a89c32082daeb9356d8e85b6a
- SHA512
  
  7c4343855f3675ca1cd3e692368777252b8487193cda87c5a33c52dbd95b228fa69ea6c4cd3d04bf56084db3d3f026459e7a5d39fe7e1f07e99baee0dec5daa4
- SSDEEP
  
  3072:PheO/yjnK66FPaA7wiicPNuOdZ+m/LMnvVz:PheO/1A0wihM0+yovN
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2