d475e3d2566c3673c4f54df1bf3729da360323ac0d496bf6b220a5a659a068cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86d4af84c2164b384bf8bb2da7280cb3
Size

25KB
Sample

240201-n3pgkaegam
MD5

86d4af84c2164b384bf8bb2da7280cb3
SHA1

76faab4d3df83a48691f88a26b4e35e529b0548b
SHA256

d475e3d2566c3673c4f54df1bf3729da360323ac0d496bf6b220a5a659a068cb
SHA512

1a14b9e572346bf7e4a37967fd448a5f7526e956d78c79fd8fa301af2a2f0e3d268ece85050ac47419661920ccf2c5b7153973993fe63a4c229a8f419bb95b81
SSDEEP

384:iO6oOJ9evo97boLTAb05tvZkoYT2AlkpJc40f7+e:deGTqadZkf2UUufH

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  86d4af84c2164b384bf8bb2da7280cb3
- Size
  
  25KB
- MD5
  
  86d4af84c2164b384bf8bb2da7280cb3
- SHA1
  
  76faab4d3df83a48691f88a26b4e35e529b0548b
- SHA256
  
  d475e3d2566c3673c4f54df1bf3729da360323ac0d496bf6b220a5a659a068cb
- SHA512
  
  1a14b9e572346bf7e4a37967fd448a5f7526e956d78c79fd8fa301af2a2f0e3d268ece85050ac47419661920ccf2c5b7153973993fe63a4c229a8f419bb95b81
- SSDEEP
  
  384:iO6oOJ9evo97boLTAb05tvZkoYT2AlkpJc40f7+e:deGTqadZkf2UUufH
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2