630a9b9da20ebbcbf5f48c97050a965927ae7e6fa306f1f3b932f8d9e3e2354b | Triage

Sharing

General

Target

4fd364e00a98ce49205043cbbd2bee31
Size

38KB
Sample

240110-g64bkaacdl
MD5

4fd364e00a98ce49205043cbbd2bee31
SHA1

804ebbf125de01ad6651d81973bc8950aac38076
SHA256

630a9b9da20ebbcbf5f48c97050a965927ae7e6fa306f1f3b932f8d9e3e2354b
SHA512

b92e837ad017c014a2bdc3828ef2af23e77eeaeb44abe3c5edc5bacc65e4eebd6ddbcfa0d047038e5b86f5eb1b9683d0d7596ec9953a732c0762ad8ad4945d2e
SSDEEP

768:8vR1XXw9btkGXyT8L6qdaQAOCkliE3V3KJT6nbjq:O1wPiT8DkQAOCqrVKJTZ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4fd364e00a98ce49205043cbbd2bee31
- Size
  
  38KB
- MD5
  
  4fd364e00a98ce49205043cbbd2bee31
- SHA1
  
  804ebbf125de01ad6651d81973bc8950aac38076
- SHA256
  
  630a9b9da20ebbcbf5f48c97050a965927ae7e6fa306f1f3b932f8d9e3e2354b
- SHA512
  
  b92e837ad017c014a2bdc3828ef2af23e77eeaeb44abe3c5edc5bacc65e4eebd6ddbcfa0d047038e5b86f5eb1b9683d0d7596ec9953a732c0762ad8ad4945d2e
- SSDEEP
  
  768:8vR1XXw9btkGXyT8L6qdaQAOCkliE3V3KJT6nbjq:O1wPiT8DkQAOCqrVKJTZ
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2