810f6bc8b922b239d51925cf2da854034dc4809a851c65bca04118f2e31c36e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49372890336f7c94be1cae1b0c6c0399
Size

159KB
Sample

240107-rrm15sghgl
MD5

49372890336f7c94be1cae1b0c6c0399
SHA1

de5e11adcc0a24cfc6dbf252f55cc4632858a130
SHA256

810f6bc8b922b239d51925cf2da854034dc4809a851c65bca04118f2e31c36e9
SHA512

28fcb81723c8388e496d09e702ad59a5ec297c611e055b78b54405b2f25a6a57b097fdc828948d0af1183e4346682c59e8e5b2328cf4dcfff675f256122a88c8
SSDEEP

3072:u3zyLTvBYetasoHDHIXwNuxzyATJEhDHWewZcdQwMwfc/:u3zeTlWMwY5yATWH9wZcd1Mwk/

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  49372890336f7c94be1cae1b0c6c0399
- Size
  
  159KB
- MD5
  
  49372890336f7c94be1cae1b0c6c0399
- SHA1
  
  de5e11adcc0a24cfc6dbf252f55cc4632858a130
- SHA256
  
  810f6bc8b922b239d51925cf2da854034dc4809a851c65bca04118f2e31c36e9
- SHA512
  
  28fcb81723c8388e496d09e702ad59a5ec297c611e055b78b54405b2f25a6a57b097fdc828948d0af1183e4346682c59e8e5b2328cf4dcfff675f256122a88c8
- SSDEEP
  
  3072:u3zyLTvBYetasoHDHIXwNuxzyATJEhDHWewZcdQwMwfc/:u3zeTlWMwY5yATWH9wZcd1Mwk/
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2