6b5315d5569d448773a9d4c334f22475bf820132f65c824b733a5a9fefa4f845 | Triage

Sharing

General

Target

3f65a714f4db1d2f7d585abc7d60656d
Size

168KB
Sample

240104-ahws9adcfr
MD5

3f65a714f4db1d2f7d585abc7d60656d
SHA1

cb96a4d2eddde21a89e3d8ae98fc82fcbd5a1bdc
SHA256

6b5315d5569d448773a9d4c334f22475bf820132f65c824b733a5a9fefa4f845
SHA512

e64ad49d79fc59d98734766cf731d5c431635e960b023f288e2c3cd5214d13d54d303296eb0cf0f7d8c41da66e963293082ba7c261cd112f0260d19c9d474497
SSDEEP

3072:8B/yfWqIm2ToinfY86s+g0Sfh2WYhdH2eluFkVZH7SLmRYqC:8ofU3tfpj0gRUdH2etB+L

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3f65a714f4db1d2f7d585abc7d60656d
- Size
  
  168KB
- MD5
  
  3f65a714f4db1d2f7d585abc7d60656d
- SHA1
  
  cb96a4d2eddde21a89e3d8ae98fc82fcbd5a1bdc
- SHA256
  
  6b5315d5569d448773a9d4c334f22475bf820132f65c824b733a5a9fefa4f845
- SHA512
  
  e64ad49d79fc59d98734766cf731d5c431635e960b023f288e2c3cd5214d13d54d303296eb0cf0f7d8c41da66e963293082ba7c261cd112f0260d19c9d474497
- SSDEEP
  
  3072:8B/yfWqIm2ToinfY86s+g0Sfh2WYhdH2eluFkVZH7SLmRYqC:8ofU3tfpj0gRUdH2etB+L
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2