710b550ef5ce611eb838a9804f83ccb1e8f1771b388dc64fdc98a0697b922d10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56bb1e20c2466e6da63466596a1d5a0b
Size

375KB
Sample

240112-rzgjbsaeh7
MD5

56bb1e20c2466e6da63466596a1d5a0b
SHA1

64df1fad2fbe7dc8fdf447ca2f54f36fd185714e
SHA256

710b550ef5ce611eb838a9804f83ccb1e8f1771b388dc64fdc98a0697b922d10
SHA512

bac70caf36f48725d0bfbb0c6ab63e8d4126a6ca228e8b2f8be4589c3be6a8690d1d5c2e4c06e97b129a05b75801c7791ebf00e5440860a47ff3f0e8e6bb5c02
SSDEEP

6144:8UvbxtEDfFXPXZMtdxDKPQswHiG3ptAmvdo/w5TVkE47zV:p/yFXZMfxe4tzptPK456E43V

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  56bb1e20c2466e6da63466596a1d5a0b
- Size
  
  375KB
- MD5
  
  56bb1e20c2466e6da63466596a1d5a0b
- SHA1
  
  64df1fad2fbe7dc8fdf447ca2f54f36fd185714e
- SHA256
  
  710b550ef5ce611eb838a9804f83ccb1e8f1771b388dc64fdc98a0697b922d10
- SHA512
  
  bac70caf36f48725d0bfbb0c6ab63e8d4126a6ca228e8b2f8be4589c3be6a8690d1d5c2e4c06e97b129a05b75801c7791ebf00e5440860a47ff3f0e8e6bb5c02
- SSDEEP
  
  6144:8UvbxtEDfFXPXZMtdxDKPQswHiG3ptAmvdo/w5TVkE47zV:p/yFXZMfxe4tzptPK456E43V
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2