238317018f3c43e2a4bba5e1c5de7c0a8461444affafa3530985be6769d40aa9 | Triage

Sharing

General

Target

7bebfc732b2fd9295c93a1a843d02043
Size

168KB
Sample

240128-c3hs8sbchj
MD5

7bebfc732b2fd9295c93a1a843d02043
SHA1

19a1a0cfabef55d3362b8c82e8f36482c477fea2
SHA256

238317018f3c43e2a4bba5e1c5de7c0a8461444affafa3530985be6769d40aa9
SHA512

81763dd29dc62ac8116167963d0e12baf4a4d69d44c43745174663a1458ecaf703291f71fc5bb476f2917d04c4264bfc818d26eef4d671983259cebe8301b0f2
SSDEEP

3072:Jym3I7VpdizShu3NRYEEaH1qwRKWoV7pOBJ/ttHMb9CdZ/bux:H3epdizuu3NRbEaHXrq7kJlub9wyx

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7bebfc732b2fd9295c93a1a843d02043
- Size
  
  168KB
- MD5
  
  7bebfc732b2fd9295c93a1a843d02043
- SHA1
  
  19a1a0cfabef55d3362b8c82e8f36482c477fea2
- SHA256
  
  238317018f3c43e2a4bba5e1c5de7c0a8461444affafa3530985be6769d40aa9
- SHA512
  
  81763dd29dc62ac8116167963d0e12baf4a4d69d44c43745174663a1458ecaf703291f71fc5bb476f2917d04c4264bfc818d26eef4d671983259cebe8301b0f2
- SSDEEP
  
  3072:Jym3I7VpdizShu3NRYEEaH1qwRKWoV7pOBJ/ttHMb9CdZ/bux:H3epdizuu3NRbEaHXrq7kJlub9wyx
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2