General

  • Target

    7b38da50971daf482dae23670de639d8

  • Size

    323KB

  • Sample

    240127-zefejabfe5

  • MD5

    7b38da50971daf482dae23670de639d8

  • SHA1

    b67c79523400fb61aa8b65b10e2b5f898fd7a721

  • SHA256

    26ff647daa2ac2de34e37d96703f0c70ec9817e0f05f79f13b436ac3ccacfc42

  • SHA512

    8427371d0faac1f0742823d5365db93407965847aba9892f575192cc08acc0db3f514a31047180fb04372fa5454d81a7192411cccf79f9287d099ffe846455a0

  • SSDEEP

    6144:/qfAwfwd99vxoYC9+Li9IBCiiortLeT9ZvLmE7JWAtP:SfAos9DoHvorsTzCQJBtP

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Boot or Logon Autostart Execution, T1547 (1)

  • Registry Run Keys / Startup Folder, T1547.001 (1)

Privilege Escalation

  • Boot or Logon Autostart Execution, T1547 (1)

  • Registry Run Keys / Startup Folder, T1547.001 (1)

Defense Evasion

  • Modify Registry, T1112 (2)

Tasks