4bb32cbfadd59f25357978b8eba4370044dc4ebf0e00b04f39f478dde8ad2a91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

712198f524ecc6d53f331bd16895ae84
Size

105KB
Sample

240124-ca533affh5
MD5

712198f524ecc6d53f331bd16895ae84
SHA1

b9b05293ff89d697b1d5ebd04d0beccffa9875b6
SHA256

4bb32cbfadd59f25357978b8eba4370044dc4ebf0e00b04f39f478dde8ad2a91
SHA512

76e8f13bf633555d061b42923345b74430abc99054dd1c682940c116a876dc13beb3e5a32f97be81251e5d01854cadc2ced051a323737c8320b53941717171bf
SSDEEP

1536:Q5oaJTXYdJqxDFvi8Se4S1KlvUY5TJqlmoQtc9YX2xvbVqSZQof5y:Q5HTo7qxDpi/FS1KqCq8qYGZbVqSZJfk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  712198f524ecc6d53f331bd16895ae84
- Size
  
  105KB
- MD5
  
  712198f524ecc6d53f331bd16895ae84
- SHA1
  
  b9b05293ff89d697b1d5ebd04d0beccffa9875b6
- SHA256
  
  4bb32cbfadd59f25357978b8eba4370044dc4ebf0e00b04f39f478dde8ad2a91
- SHA512
  
  76e8f13bf633555d061b42923345b74430abc99054dd1c682940c116a876dc13beb3e5a32f97be81251e5d01854cadc2ced051a323737c8320b53941717171bf
- SSDEEP
  
  1536:Q5oaJTXYdJqxDFvi8Se4S1KlvUY5TJqlmoQtc9YX2xvbVqSZQof5y:Q5HTo7qxDpi/FS1KqCq8qYGZbVqSZJfk
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2