c1883320470214e91f03da96693b4ac6bb75cc49f8c83a7b5f495e8a2b72e13d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63d5a764f87863847e5551f09c0f2a2f
Size

857KB
Sample

240117-2ylf1agacm
MD5

63d5a764f87863847e5551f09c0f2a2f
SHA1

0047cd1807d78cf60367aebaa6bd37190a16a6cc
SHA256

c1883320470214e91f03da96693b4ac6bb75cc49f8c83a7b5f495e8a2b72e13d
SHA512

bdfa065c1a6e47bf6757b106cd4dd73bf79d426035cd1a4e4883229dcef1a0a5c144315c3668c483e6b67855d8249f3a580a1398a359ec1ca7ca4ba87a841db1
SSDEEP

24576:khxyU+WmQiv4GqkqzarLzBOTVrKdhjD/4XFg/MC:SQv48qzAQTJm/Wg0C

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  63d5a764f87863847e5551f09c0f2a2f
- Size
  
  857KB
- MD5
  
  63d5a764f87863847e5551f09c0f2a2f
- SHA1
  
  0047cd1807d78cf60367aebaa6bd37190a16a6cc
- SHA256
  
  c1883320470214e91f03da96693b4ac6bb75cc49f8c83a7b5f495e8a2b72e13d
- SHA512
  
  bdfa065c1a6e47bf6757b106cd4dd73bf79d426035cd1a4e4883229dcef1a0a5c144315c3668c483e6b67855d8249f3a580a1398a359ec1ca7ca4ba87a841db1
- SSDEEP
  
  24576:khxyU+WmQiv4GqkqzarLzBOTVrKdhjD/4XFg/MC:SQv48qzAQTJm/Wg0C
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2