cd2b32eb1e3f52ea898b66c845f243eaec5f4e899679f2bea65128c98449fd9b | Triage

Sharing

General

Target

633eb95a9b19003b873498e287fc1494
Size

69KB
Sample

240118-tkfpladaar
MD5

633eb95a9b19003b873498e287fc1494
SHA1

e5fb2467c1a586839b95b928b8d3ea07e0721af3
SHA256

cd2b32eb1e3f52ea898b66c845f243eaec5f4e899679f2bea65128c98449fd9b
SHA512

a62c88fefa9439a1d139da516273cb0c2fc13d2767418a655a68c125d3bd0ce596a8bda4216f2c10fe728a35e9d90fcbacb7a6570ef85779bc56e5d00b9cd968
SSDEEP

1536:l6bq+91nioxizwgIE/a/QPG2K158t1XXm2hJYNbccsOY:lx2Ri8gJ/60GG1XXm2v/cZY

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  633eb95a9b19003b873498e287fc1494
- Size
  
  69KB
- MD5
  
  633eb95a9b19003b873498e287fc1494
- SHA1
  
  e5fb2467c1a586839b95b928b8d3ea07e0721af3
- SHA256
  
  cd2b32eb1e3f52ea898b66c845f243eaec5f4e899679f2bea65128c98449fd9b
- SHA512
  
  a62c88fefa9439a1d139da516273cb0c2fc13d2767418a655a68c125d3bd0ce596a8bda4216f2c10fe728a35e9d90fcbacb7a6570ef85779bc56e5d00b9cd968
- SSDEEP
  
  1536:l6bq+91nioxizwgIE/a/QPG2K158t1XXm2hJYNbccsOY:lx2Ri8gJ/60GG1XXm2v/cZY
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2