5033db85f94a99e889d0f3b12e8ee23ec8aacfce11590423815a6d1c70859de9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7561456010852fde53688891108c2edb
Size

168KB
Sample

240125-ynp5nafbbr
MD5

7561456010852fde53688891108c2edb
SHA1

b342ac1e9b0d61703313a9869c2de37db6c9c4b0
SHA256

5033db85f94a99e889d0f3b12e8ee23ec8aacfce11590423815a6d1c70859de9
SHA512

d0c4cfa18de4d85eebf5626e14531ee69fd69e2593b58c67b0a03f705374ea9e5673e645202dc9554953feed07043a0b43f9444ac138c50d5674052872c597dc
SSDEEP

3072:cC08j653YItH3oKGk8C8B3QWUJj6KZYtH5qSO:M8j65B45vB3FQfcZZ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7561456010852fde53688891108c2edb
- Size
  
  168KB
- MD5
  
  7561456010852fde53688891108c2edb
- SHA1
  
  b342ac1e9b0d61703313a9869c2de37db6c9c4b0
- SHA256
  
  5033db85f94a99e889d0f3b12e8ee23ec8aacfce11590423815a6d1c70859de9
- SHA512
  
  d0c4cfa18de4d85eebf5626e14531ee69fd69e2593b58c67b0a03f705374ea9e5673e645202dc9554953feed07043a0b43f9444ac138c50d5674052872c597dc
- SSDEEP
  
  3072:cC08j653YItH3oKGk8C8B3QWUJj6KZYtH5qSO:M8j65B45vB3FQfcZZ
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2