e1a59060da34661d6dce398ed14308d92640844daabe31e1604b7b8c4fc12c63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15ed1118d13cbeb82990e6e2cf33c506
Size

116KB
Sample

231230-mh8h9sbha5
MD5

15ed1118d13cbeb82990e6e2cf33c506
SHA1

0b3bed9f357f65b695e06df0df911a2edb2f03a8
SHA256

e1a59060da34661d6dce398ed14308d92640844daabe31e1604b7b8c4fc12c63
SHA512

0d7c9ae8e083f627ce88cc9b776294537fe24f522c1966f6dbaa911376f2e4b26252f8ff8a72b578a0fdcaaa18955fb06ea276ea0cdf368611ab3b9ca248ff65
SSDEEP

3072:6/uzwf9se/JUkxRWySst/CojxqdQUNsk8:6/ucfOCuQROstlxqdVNM

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  15ed1118d13cbeb82990e6e2cf33c506
- Size
  
  116KB
- MD5
  
  15ed1118d13cbeb82990e6e2cf33c506
- SHA1
  
  0b3bed9f357f65b695e06df0df911a2edb2f03a8
- SHA256
  
  e1a59060da34661d6dce398ed14308d92640844daabe31e1604b7b8c4fc12c63
- SHA512
  
  0d7c9ae8e083f627ce88cc9b776294537fe24f522c1966f6dbaa911376f2e4b26252f8ff8a72b578a0fdcaaa18955fb06ea276ea0cdf368611ab3b9ca248ff65
- SSDEEP
  
  3072:6/uzwf9se/JUkxRWySst/CojxqdQUNsk8:6/ucfOCuQROstlxqdVNM
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2