715c098007e7e87116d2649d17aa7357a7bb62daaf486b15ed634fa2710effc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7491779258ae9e8f704e41ced446790c
Size

367KB
Sample

240125-ngp6zafddq
MD5

7491779258ae9e8f704e41ced446790c
SHA1

137a005e021adc5e9389c0206c182382ff1e6a9a
SHA256

715c098007e7e87116d2649d17aa7357a7bb62daaf486b15ed634fa2710effc3
SHA512

9ffebbff2699b88cde46cb2735be4f8477d9d1db138be56b72820a9a4c0a183bdfa9037f34375e87144db0718ab1af7aa2910f2876a30d2c5259abd4224268b1
SSDEEP

6144:hxocG2iELh46GigOYhUfcUePWlP9wt8cQDW:hxQKhSIYhn2VwtADW

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7491779258ae9e8f704e41ced446790c
- Size
  
  367KB
- MD5
  
  7491779258ae9e8f704e41ced446790c
- SHA1
  
  137a005e021adc5e9389c0206c182382ff1e6a9a
- SHA256
  
  715c098007e7e87116d2649d17aa7357a7bb62daaf486b15ed634fa2710effc3
- SHA512
  
  9ffebbff2699b88cde46cb2735be4f8477d9d1db138be56b72820a9a4c0a183bdfa9037f34375e87144db0718ab1af7aa2910f2876a30d2c5259abd4224268b1
- SSDEEP
  
  6144:hxocG2iELh46GigOYhUfcUePWlP9wt8cQDW:hxQKhSIYhn2VwtADW
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2