General

  • Target

    4b5e9622bc3d49f7868f18f9f9001fb3

  • Size

    293KB

  • Sample

    240108-n4physhccl

  • MD5

    4b5e9622bc3d49f7868f18f9f9001fb3

  • SHA1

    17c4663d0576ca485219f928ca1654ad042f9351

  • SHA256

    b9dfb3078612dc7d47c58e0e0a595c6ce4892a12789eae7e8d88765cc9434052

  • SHA512

    5d292a6082ff8a673e19455a9c69da5626bfda03b01064e1bd039dd661a06a8208302b42fb9689f12e68d496367ad7a35cd113771de47310fa03f81b517d4d5c

  • SSDEEP

    6144:VPdMyMANEVzGlcEDUl4qaRYVQ6JTGbusJRhgnGXcLD7Xm2BeddhMHHY/9:5NEh8cSLqd5sisDhgnGQBBedDMnYl

Score
7/10

Malware Config

Targets

    • Target

      4b5e9622bc3d49f7868f18f9f9001fb3

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Persistence

  • Boot or Logon Autostart Execution, T1547 (1)

  • Registry Run Keys / Startup Folder, T1547.001 (1)

Privilege Escalation

  • Boot or Logon Autostart Execution, T1547 (1)

  • Registry Run Keys / Startup Folder, T1547.001 (1)

Defense Evasion

  • Modify Registry, T1112 (2)