e20a62be009f8bf8d81a05e6fe3542f6e0ba8d941a58c95bb0882c4832681893 | Triage

Sharing

General

Target

4a04435c8828bd8bc526461ad4ace11d
Size

1.2MB
Sample

240107-247w7ahbc5
MD5

4a04435c8828bd8bc526461ad4ace11d
SHA1

798887d48a93bab2665a5b74cebe0fa6119d4651
SHA256

e20a62be009f8bf8d81a05e6fe3542f6e0ba8d941a58c95bb0882c4832681893
SHA512

285cfdd34ebbd557d1e5bf3030b51271082fc507e2c0f95626d5f65d659a0237934feaebbce52884c54dc2efcc22e7f1de1fb3fefc2d1dc65ed510a90e8adf18
SSDEEP

12288:eZD/lIHhTv4Iu0UdP6BKhr//VLTRGWfxlezy9m1gsvW9J85mAvGW77gSw7Ww:ADGBTwITq6grHVLTMaloyMvWb6ob7W

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4a04435c8828bd8bc526461ad4ace11d
- Size
  
  1.2MB
- MD5
  
  4a04435c8828bd8bc526461ad4ace11d
- SHA1
  
  798887d48a93bab2665a5b74cebe0fa6119d4651
- SHA256
  
  e20a62be009f8bf8d81a05e6fe3542f6e0ba8d941a58c95bb0882c4832681893
- SHA512
  
  285cfdd34ebbd557d1e5bf3030b51271082fc507e2c0f95626d5f65d659a0237934feaebbce52884c54dc2efcc22e7f1de1fb3fefc2d1dc65ed510a90e8adf18
- SSDEEP
  
  12288:eZD/lIHhTv4Iu0UdP6BKhr//VLTRGWfxlezy9m1gsvW9J85mAvGW77gSw7Ww:ADGBTwITq6grHVLTMaloyMvWb6ob7W
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2