36c5ca36ba7b1bef77c1d694e9e9ced0875c1e93d27ff7b63a35a3b256c2270f | Triage

Sharing

General

Target

5a33a46bb3a2b6fb429cbb14f882b720
Size

294KB
Sample

240114-eedwgsbegk
MD5

5a33a46bb3a2b6fb429cbb14f882b720
SHA1

076b7d67c959f8a78c045342fe0b1be6923dbed5
SHA256

36c5ca36ba7b1bef77c1d694e9e9ced0875c1e93d27ff7b63a35a3b256c2270f
SHA512

c306586aaf21b90bc6a8855d8dd27d636f278f7ed7c74b8cf0f4ac614fa6313c48baec1e90fd064ec30910ba9692c3704ea5665f1ce8d3d34e5984205f24ef69
SSDEEP

6144:xiGtsLYAlqNC+u+1PTG/qm/PgCnmUSFMhl41+M/oI29kKg:EGtsLDt+H1PTEn/iUSFM81+rI2/g

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5a33a46bb3a2b6fb429cbb14f882b720
- Size
  
  294KB
- MD5
  
  5a33a46bb3a2b6fb429cbb14f882b720
- SHA1
  
  076b7d67c959f8a78c045342fe0b1be6923dbed5
- SHA256
  
  36c5ca36ba7b1bef77c1d694e9e9ced0875c1e93d27ff7b63a35a3b256c2270f
- SHA512
  
  c306586aaf21b90bc6a8855d8dd27d636f278f7ed7c74b8cf0f4ac614fa6313c48baec1e90fd064ec30910ba9692c3704ea5665f1ce8d3d34e5984205f24ef69
- SSDEEP
  
  6144:xiGtsLYAlqNC+u+1PTG/qm/PgCnmUSFMhl41+M/oI29kKg:EGtsLDt+H1PTEn/iUSFM81+rI2/g
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2