e7e7a9ea982d3fda4e97af265b72c5bbfd3a25317250cb6e4b77dcb17e18a5dc | Triage

Sharing

General

Target

1ab4dacfc3feff282cd436b664d93074
Size

98KB
Sample

231230-q8eknafdg6
MD5

1ab4dacfc3feff282cd436b664d93074
SHA1

79bb6fe1ec713b163965c565e5ec7414bb579a1a
SHA256

e7e7a9ea982d3fda4e97af265b72c5bbfd3a25317250cb6e4b77dcb17e18a5dc
SHA512

637bc1144db7176e2980830a39e35910b36eaa1ec58f0c78423ac0fa83db23a62e15680091808350d01b47b0d3f6b72c8725ecd54625d9e8e2c5dd1ff11c0d5d
SSDEEP

3072:Qnj9jtfU+INndIc0JSBrQDUKWcMFBKS6h253VZ9R:QjbeiyBlFkS6h2L

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1ab4dacfc3feff282cd436b664d93074
- Size
  
  98KB
- MD5
  
  1ab4dacfc3feff282cd436b664d93074
- SHA1
  
  79bb6fe1ec713b163965c565e5ec7414bb579a1a
- SHA256
  
  e7e7a9ea982d3fda4e97af265b72c5bbfd3a25317250cb6e4b77dcb17e18a5dc
- SHA512
  
  637bc1144db7176e2980830a39e35910b36eaa1ec58f0c78423ac0fa83db23a62e15680091808350d01b47b0d3f6b72c8725ecd54625d9e8e2c5dd1ff11c0d5d
- SSDEEP
  
  3072:Qnj9jtfU+INndIc0JSBrQDUKWcMFBKS6h253VZ9R:QjbeiyBlFkS6h2L
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2