a92ad73c5b612720d3561622c6e11f18613d0ea39234870d6f6879e45d358f92 | Triage

Sharing

General

Target

4736226d9a237c905fad4c5c89eb61d1
Size

262KB
Sample

240106-1aa5paaah5
MD5

4736226d9a237c905fad4c5c89eb61d1
SHA1

b1e6731b1ced0ab43e986460c478d4c9d9497bef
SHA256

a92ad73c5b612720d3561622c6e11f18613d0ea39234870d6f6879e45d358f92
SHA512

17efec0e254e4a4a4fb7941bc5c935b6c3227f787e5a58cf86dda4cac538bfef459aee509fc8fe1d44c7890c79a96c8b0f027ccdd98980e8d3ad28818b200a86
SSDEEP

6144:Hv8Gp+df0afmVTRMdNdpn94sLrNXel9jb98+MATD:P8YkfXf4TRMj94svNuzjb9ZJ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4736226d9a237c905fad4c5c89eb61d1
- Size
  
  262KB
- MD5
  
  4736226d9a237c905fad4c5c89eb61d1
- SHA1
  
  b1e6731b1ced0ab43e986460c478d4c9d9497bef
- SHA256
  
  a92ad73c5b612720d3561622c6e11f18613d0ea39234870d6f6879e45d358f92
- SHA512
  
  17efec0e254e4a4a4fb7941bc5c935b6c3227f787e5a58cf86dda4cac538bfef459aee509fc8fe1d44c7890c79a96c8b0f027ccdd98980e8d3ad28818b200a86
- SSDEEP
  
  6144:Hv8Gp+df0afmVTRMdNdpn94sLrNXel9jb98+MATD:P8YkfXf4TRMj94svNuzjb9ZJ
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2