4fc506d0810ba53a6ad690c0119afc74bd18768c2d66ca1c6a78abe4b0c0c797 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae188c83f4a3da196407f1c312d57f07
Size

270KB
Sample

240229-j2rhbabb51
MD5

ae188c83f4a3da196407f1c312d57f07
SHA1

e981f1edfe3cc090b86452c3c7ae682c3a3e5973
SHA256

4fc506d0810ba53a6ad690c0119afc74bd18768c2d66ca1c6a78abe4b0c0c797
SHA512

53f5144d01909885b35e3963ca01f09b7fec22576a154c52dfffa622ade361e4194e16d15819c56daf68c152261f93a257c62a08bbe2ac52d294160ace753f37
SSDEEP

6144:/tjpxeyqvoArlO+Beip2/pWTxq/fnx7GDrRcJIcxyCq0hzfl:lAvo8nVq/PERcHxywl

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ae188c83f4a3da196407f1c312d57f07
- Size
  
  270KB
- MD5
  
  ae188c83f4a3da196407f1c312d57f07
- SHA1
  
  e981f1edfe3cc090b86452c3c7ae682c3a3e5973
- SHA256
  
  4fc506d0810ba53a6ad690c0119afc74bd18768c2d66ca1c6a78abe4b0c0c797
- SHA512
  
  53f5144d01909885b35e3963ca01f09b7fec22576a154c52dfffa622ade361e4194e16d15819c56daf68c152261f93a257c62a08bbe2ac52d294160ace753f37
- SSDEEP
  
  6144:/tjpxeyqvoArlO+Beip2/pWTxq/fnx7GDrRcJIcxyCq0hzfl:lAvo8nVq/PERcHxywl
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2