3f01fbea1c3b83ffb5acef7208ee4012bbee6fee237ed1c1196bb247858257fe | Triage

Sharing

General

Target

36dc5d703aa8c14058f96671fa749d18
Size

64KB
Sample

231231-p5axmacghn
MD5

36dc5d703aa8c14058f96671fa749d18
SHA1

ee18ac063f3a8073cce2a0a8d2981d0c7051fd71
SHA256

3f01fbea1c3b83ffb5acef7208ee4012bbee6fee237ed1c1196bb247858257fe
SHA512

88ab7072b5b93b07551e35baf94d31050039d45f113971dd713c39b2540a284b7ff30b652e75768a4e451710486d8d0ac516a4dcabdfc60c371c4cc2cc503176
SSDEEP

1536:orH0Srs6+3ns8LQsD2yif7iWgzF5PjBS6sxwfz:orH1K88TD2/fmJlVL

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  36dc5d703aa8c14058f96671fa749d18
- Size
  
  64KB
- MD5
  
  36dc5d703aa8c14058f96671fa749d18
- SHA1
  
  ee18ac063f3a8073cce2a0a8d2981d0c7051fd71
- SHA256
  
  3f01fbea1c3b83ffb5acef7208ee4012bbee6fee237ed1c1196bb247858257fe
- SHA512
  
  88ab7072b5b93b07551e35baf94d31050039d45f113971dd713c39b2540a284b7ff30b652e75768a4e451710486d8d0ac516a4dcabdfc60c371c4cc2cc503176
- SSDEEP
  
  1536:orH0Srs6+3ns8LQsD2yif7iWgzF5PjBS6sxwfz:orH1K88TD2/fmJlVL
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2