98bfb2e22fc8c7047a30fa32cf252c22622a8022b06a2edada29cb41915385aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51dac1070739f603ebb8a7554bf98905
Size

954KB
Sample

240110-2zjc2ahhck
MD5

51dac1070739f603ebb8a7554bf98905
SHA1

35fa7abf414403e30cb6165fa268dd968573c15f
SHA256

98bfb2e22fc8c7047a30fa32cf252c22622a8022b06a2edada29cb41915385aa
SHA512

ee04afcb1ee90a301e89b9d38137d2b1015bf1ac5eaa85558e3e2e1f133549436f11a0c4a0f9fe3b5d51bfdb6daa6de840e43f534430f755d38d7bee0f6f920b
SSDEEP

12288:vItVut4RuAwGgc7fNuIEGpgya+sNzaOvoJpaz/g/J/vVSnn:vIXuAwj2fNuIy+sNH8az/g/J/N+n

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  51dac1070739f603ebb8a7554bf98905
- Size
  
  954KB
- MD5
  
  51dac1070739f603ebb8a7554bf98905
- SHA1
  
  35fa7abf414403e30cb6165fa268dd968573c15f
- SHA256
  
  98bfb2e22fc8c7047a30fa32cf252c22622a8022b06a2edada29cb41915385aa
- SHA512
  
  ee04afcb1ee90a301e89b9d38137d2b1015bf1ac5eaa85558e3e2e1f133549436f11a0c4a0f9fe3b5d51bfdb6daa6de840e43f534430f755d38d7bee0f6f920b
- SSDEEP
  
  12288:vItVut4RuAwGgc7fNuIEGpgya+sNzaOvoJpaz/g/J/vVSnn:vIXuAwj2fNuIy+sNH8az/g/J/N+n
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2