1bb9588fd26b7e497492acd74dc8fe42fc58059e8c42d4e463e4152d80d2719b | Triage

Sharing

General

Target

66880a24978f13e420776c063053a1e1
Size

356KB
Sample

240119-bshvtadgd9
MD5

66880a24978f13e420776c063053a1e1
SHA1

71f3e168a521ba92ae19357509fd18864106fc8d
SHA256

1bb9588fd26b7e497492acd74dc8fe42fc58059e8c42d4e463e4152d80d2719b
SHA512

eba0d9f3c01a78fca542354ef610567e956f1854280f683b93c639032d0129f16614feff92db57fdca626ff332c0dcc9cc115a416ec229d38ede0dd477d17718
SSDEEP

6144:7vbx8nj6JlwPJ+Op9IpF/IUj7H1cAI1Pcq/7FSRUQHE:7uj6JlwB+OQhICL1cA+Pdz9

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  66880a24978f13e420776c063053a1e1
- Size
  
  356KB
- MD5
  
  66880a24978f13e420776c063053a1e1
- SHA1
  
  71f3e168a521ba92ae19357509fd18864106fc8d
- SHA256
  
  1bb9588fd26b7e497492acd74dc8fe42fc58059e8c42d4e463e4152d80d2719b
- SHA512
  
  eba0d9f3c01a78fca542354ef610567e956f1854280f683b93c639032d0129f16614feff92db57fdca626ff332c0dcc9cc115a416ec229d38ede0dd477d17718
- SSDEEP
  
  6144:7vbx8nj6JlwPJ+Op9IpF/IUj7H1cAI1Pcq/7FSRUQHE:7uj6JlwB+OQhICL1cA+Pdz9
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2