d84e4899b80da7e70fd68cc898874b5a61fd51ad4f1169ef60cdd0089bddd4e1 | Triage

Sharing

General

Target

489a9acbbdaac7c39af4ea99f19152e5
Size

138KB
Sample

240107-lcpzasbch4
MD5

489a9acbbdaac7c39af4ea99f19152e5
SHA1

80a9479b5f1c966e625442884779a4a54b69d075
SHA256

d84e4899b80da7e70fd68cc898874b5a61fd51ad4f1169ef60cdd0089bddd4e1
SHA512

b407256f6623e44fab329f2f2e6a767663666d7400a3adbbaa925263a93c54343ca1134ac0258fad5cb7e895b2df6bb9362cf73a06b96478413a57287066b341
SSDEEP

3072:V9kx7xWEd5JPjgfPUH0/UVTgSDZ5TCQ3lH9P6bef:V9kx7MEd7g0H0/UZgSd5TBVH9Sbe

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  489a9acbbdaac7c39af4ea99f19152e5
- Size
  
  138KB
- MD5
  
  489a9acbbdaac7c39af4ea99f19152e5
- SHA1
  
  80a9479b5f1c966e625442884779a4a54b69d075
- SHA256
  
  d84e4899b80da7e70fd68cc898874b5a61fd51ad4f1169ef60cdd0089bddd4e1
- SHA512
  
  b407256f6623e44fab329f2f2e6a767663666d7400a3adbbaa925263a93c54343ca1134ac0258fad5cb7e895b2df6bb9362cf73a06b96478413a57287066b341
- SSDEEP
  
  3072:V9kx7xWEd5JPjgfPUH0/UVTgSDZ5TCQ3lH9P6bef:V9kx7MEd7g0H0/UZgSd5TBVH9Sbe
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2