3dd7c774004ae61e5bb7303b2be797c43dfbb39d43c27d4257561b5f01782db3 | Triage

Sharing

General

Target

a46cd6a7b40e34d40577c1e0b0d173e4
Size

196KB
Sample

240225-wkfeyaae4x
MD5

a46cd6a7b40e34d40577c1e0b0d173e4
SHA1

be0394249c2ded68be837dd65c4b8a0184f7aa68
SHA256

3dd7c774004ae61e5bb7303b2be797c43dfbb39d43c27d4257561b5f01782db3
SHA512

93c7d82d4dea602f145b6198c2c1fa55c5bb9ec2ebc8b86b3f5ebfb89d8ea34f866cf2113ecac833162dffe6db976f3c25712b3862a987b8b570c5093eec0af8
SSDEEP

3072:ymromSkSck90GHWhW/+1NHV/iG9om/GEUlGKUmUidR1W5FmVHF4lMknZ9PBAt:ghV0Zb1/rqSGvJUmpdR16cknZ9JG

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  a46cd6a7b40e34d40577c1e0b0d173e4
- Size
  
  196KB
- MD5
  
  a46cd6a7b40e34d40577c1e0b0d173e4
- SHA1
  
  be0394249c2ded68be837dd65c4b8a0184f7aa68
- SHA256
  
  3dd7c774004ae61e5bb7303b2be797c43dfbb39d43c27d4257561b5f01782db3
- SHA512
  
  93c7d82d4dea602f145b6198c2c1fa55c5bb9ec2ebc8b86b3f5ebfb89d8ea34f866cf2113ecac833162dffe6db976f3c25712b3862a987b8b570c5093eec0af8
- SSDEEP
  
  3072:ymromSkSck90GHWhW/+1NHV/iG9om/GEUlGKUmUidR1W5FmVHF4lMknZ9PBAt:ghV0Zb1/rqSGvJUmpdR16cknZ9JG
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2