ef9e9b370c041cba4579a2038735ace6ee90c5dc2c4e01d1ede325360ca02b5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e413602075defb5ecbde57f5e9ee5c1
Size

136KB
Sample

240102-art11sdacm
MD5

3e413602075defb5ecbde57f5e9ee5c1
SHA1

32ac3baedaf35ded71fe4fe1c6c864a48430f7aa
SHA256

ef9e9b370c041cba4579a2038735ace6ee90c5dc2c4e01d1ede325360ca02b5e
SHA512

d8e7332aba0c14e9f73efe4cdf270a7e011e9ac5540acd0b1a72da7d37522a2c78c3c09287497d6c4fbaefbe6d8b2cfc3a89f31aca8852d35f5977666eed87d2
SSDEEP

3072:0fJjU+umR5K090+7X6uJ8mp6pIYS0N31ATw3+xe6beuygME:0NUM5K09jgTxAlbew

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3e413602075defb5ecbde57f5e9ee5c1
- Size
  
  136KB
- MD5
  
  3e413602075defb5ecbde57f5e9ee5c1
- SHA1
  
  32ac3baedaf35ded71fe4fe1c6c864a48430f7aa
- SHA256
  
  ef9e9b370c041cba4579a2038735ace6ee90c5dc2c4e01d1ede325360ca02b5e
- SHA512
  
  d8e7332aba0c14e9f73efe4cdf270a7e011e9ac5540acd0b1a72da7d37522a2c78c3c09287497d6c4fbaefbe6d8b2cfc3a89f31aca8852d35f5977666eed87d2
- SSDEEP
  
  3072:0fJjU+umR5K090+7X6uJ8mp6pIYS0N31ATw3+xe6beuygME:0NUM5K09jgTxAlbew
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2