7127dba998c2fc80e2e9fdea9cd271de4327bfee850c55145cf917c0dcea4843 | Triage

Sharing

General

Target

5a993a09c6e73b996fdafa05cc3f8122
Size

63KB
Sample

240114-hyj4dseabn
MD5

5a993a09c6e73b996fdafa05cc3f8122
SHA1

9bd4d9ed6916796b749806020ec99879bd507f4c
SHA256

7127dba998c2fc80e2e9fdea9cd271de4327bfee850c55145cf917c0dcea4843
SHA512

79b9047f5050690b74215e5069f75852d8e7f8d5166eee1f4bd01b14ca7f4638e85bc7bb4b0b68246ae3a95e2713528f43be305553715fa17ed32fbb5c45bf1d
SSDEEP

1536:93LAMoJxnqiAna+uNgflub3IueuGtnyX7dwMnSr1WTTwfz:RAMovcna+uNB3bGsXtSWT6

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5a993a09c6e73b996fdafa05cc3f8122
- Size
  
  63KB
- MD5
  
  5a993a09c6e73b996fdafa05cc3f8122
- SHA1
  
  9bd4d9ed6916796b749806020ec99879bd507f4c
- SHA256
  
  7127dba998c2fc80e2e9fdea9cd271de4327bfee850c55145cf917c0dcea4843
- SHA512
  
  79b9047f5050690b74215e5069f75852d8e7f8d5166eee1f4bd01b14ca7f4638e85bc7bb4b0b68246ae3a95e2713528f43be305553715fa17ed32fbb5c45bf1d
- SSDEEP
  
  1536:93LAMoJxnqiAna+uNgflub3IueuGtnyX7dwMnSr1WTTwfz:RAMovcna+uNB3bGsXtSWT6
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2