3a009fe5dfe8c3406a698de9c5e2a40cec5f74441047de935d6f0e08e2817d16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57ae94427049a2c94cfe62a9c4db5b0f
Size

2.8MB
Sample

240113-ccrcpahher
MD5

57ae94427049a2c94cfe62a9c4db5b0f
SHA1

e4179597479b74f9b40175825b755d13f686c4b2
SHA256

3a009fe5dfe8c3406a698de9c5e2a40cec5f74441047de935d6f0e08e2817d16
SHA512

0477bf60b0c64fa9bc2b240ae4b0fbaaf2ea7ef44d61198200301c8e3d5fd0de43b38a62b7fdb3174a1885492104b5f2eeae929c58d629b25c8c6d35c38eb151
SSDEEP

49152:p82XNo5F0g0kwcM8TUuNO5tzCkKeWuMm35yEqOpwXmaSwvoyfPNMF881D9Z7Q:p8GNokIwiTUKO61erMmppqwWmanffVMl

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  57ae94427049a2c94cfe62a9c4db5b0f
- Size
  
  2.8MB
- MD5
  
  57ae94427049a2c94cfe62a9c4db5b0f
- SHA1
  
  e4179597479b74f9b40175825b755d13f686c4b2
- SHA256
  
  3a009fe5dfe8c3406a698de9c5e2a40cec5f74441047de935d6f0e08e2817d16
- SHA512
  
  0477bf60b0c64fa9bc2b240ae4b0fbaaf2ea7ef44d61198200301c8e3d5fd0de43b38a62b7fdb3174a1885492104b5f2eeae929c58d629b25c8c6d35c38eb151
- SSDEEP
  
  49152:p82XNo5F0g0kwcM8TUuNO5tzCkKeWuMm35yEqOpwXmaSwvoyfPNMF881D9Z7Q:p8GNokIwiTUKO61erMmppqwWmanffVMl
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2