1ea24803aec7be812001df5509285b29f3c963e1604c55b2957443212937f847 | Triage

Sharing

General

Target

20f0c29b9cee60d6a40a0bfc2a942d11
Size

414KB
Sample

231231-abk36sacek
MD5

20f0c29b9cee60d6a40a0bfc2a942d11
SHA1

682f1f99edb0e74b26f0f6fda255cce9e24c4211
SHA256

1ea24803aec7be812001df5509285b29f3c963e1604c55b2957443212937f847
SHA512

c7fe2e9323ce0160f691e1bb6ed74abf0f5355a241373ab48378f02b2a96afa7be08d840c8bec1e33195cef94f08c3b646abbd3b85fc2536bb2d71667452560b
SSDEEP

6144:r5CFwkrdy8ly0ZYv5b234BBWDoP1e6AqCJsaE+N8PVT5BcOsi:d+widyjEYv5b2IADoP15J4YBBr

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  20f0c29b9cee60d6a40a0bfc2a942d11
- Size
  
  414KB
- MD5
  
  20f0c29b9cee60d6a40a0bfc2a942d11
- SHA1
  
  682f1f99edb0e74b26f0f6fda255cce9e24c4211
- SHA256
  
  1ea24803aec7be812001df5509285b29f3c963e1604c55b2957443212937f847
- SHA512
  
  c7fe2e9323ce0160f691e1bb6ed74abf0f5355a241373ab48378f02b2a96afa7be08d840c8bec1e33195cef94f08c3b646abbd3b85fc2536bb2d71667452560b
- SSDEEP
  
  6144:r5CFwkrdy8ly0ZYv5b234BBWDoP1e6AqCJsaE+N8PVT5BcOsi:d+widyjEYv5b2IADoP15J4YBBr
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2