6b9556b0c5cabb82070f22c60952534574e2d8fc3be897ff6695b0d01540457e | Triage

Sharing

General

Target

7690c4106fbfb77ab271f901e30d31d1
Size

380KB
Sample

240126-gl5nwsggbn
MD5

7690c4106fbfb77ab271f901e30d31d1
SHA1

915adab275536c9ce8859e6e9106fa766a6530ba
SHA256

6b9556b0c5cabb82070f22c60952534574e2d8fc3be897ff6695b0d01540457e
SHA512

f5e44de000f40dbfc117c8de62d78a52da1131b0d45121c97d20d7d6675248e63e80dd0f99363f83c4e4510667cf00fc096950bde20e414c834f5e4f780f135d
SSDEEP

6144:qtFUnwPmBjrtRmlVlNa01/Fjm+qbtPeXCOmdsP1F9nb54ceKVRplXTPH:qtunwPmNrtRK3ae/RmIrv4wn

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7690c4106fbfb77ab271f901e30d31d1
- Size
  
  380KB
- MD5
  
  7690c4106fbfb77ab271f901e30d31d1
- SHA1
  
  915adab275536c9ce8859e6e9106fa766a6530ba
- SHA256
  
  6b9556b0c5cabb82070f22c60952534574e2d8fc3be897ff6695b0d01540457e
- SHA512
  
  f5e44de000f40dbfc117c8de62d78a52da1131b0d45121c97d20d7d6675248e63e80dd0f99363f83c4e4510667cf00fc096950bde20e414c834f5e4f780f135d
- SSDEEP
  
  6144:qtFUnwPmBjrtRmlVlNa01/Fjm+qbtPeXCOmdsP1F9nb54ceKVRplXTPH:qtunwPmNrtRK3ae/RmIrv4wn
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2