fe489004b8f75ca21b16a1d7ce9e7bfe59da6d5d310f64e4709e9901441101ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40923322449d1661c3fb91cc57f8df2c
Size

3.7MB
Sample

240104-l4st9sdcfn
MD5

40923322449d1661c3fb91cc57f8df2c
SHA1

a29dcf9d54de4b98f9db591b9aa23b736a315935
SHA256

fe489004b8f75ca21b16a1d7ce9e7bfe59da6d5d310f64e4709e9901441101ba
SHA512

4e055e400ff8acc903468b7cf34c50e86ef66de13448112693581b8b0a9bc7073cb6453e432663bf1cd1b728c3382f9f3786baef9b103585c8700d7932d040e3
SSDEEP

12288:JhJyhJgovXtO7HuL558+aBGwCMoWhMdvq/3:B4govwOCGdMtiNq/

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  40923322449d1661c3fb91cc57f8df2c
- Size
  
  3.7MB
- MD5
  
  40923322449d1661c3fb91cc57f8df2c
- SHA1
  
  a29dcf9d54de4b98f9db591b9aa23b736a315935
- SHA256
  
  fe489004b8f75ca21b16a1d7ce9e7bfe59da6d5d310f64e4709e9901441101ba
- SHA512
  
  4e055e400ff8acc903468b7cf34c50e86ef66de13448112693581b8b0a9bc7073cb6453e432663bf1cd1b728c3382f9f3786baef9b103585c8700d7932d040e3
- SSDEEP
  
  12288:JhJyhJgovXtO7HuL558+aBGwCMoWhMdvq/3:B4govwOCGdMtiNq/
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2