27bb67656f06fc1a191945ccb9c3901a6fa1f120dc9683c8e52a16d93c7643bb | Triage

Sharing

General

Target

ba7ff1c7291fffc5d73975abe06f43ee
Size

293KB
Sample

240308-eyks5sga5z
MD5

ba7ff1c7291fffc5d73975abe06f43ee
SHA1

c8d590b0cf3fd32d86aa6c60dbc13fbbd3db0994
SHA256

27bb67656f06fc1a191945ccb9c3901a6fa1f120dc9683c8e52a16d93c7643bb
SHA512

02a0e205a8abe8ff7600867ed2174b497275fc8c48fe3c624cc3705e695303c90414712713f137ae71292ab8c735b9f22303b23b970f0524f41a2e2141fcc241
SSDEEP

6144:GPdMcMANEVzGlcEDUl4qaRYVQ9JTGbusJRhgnGXcND7Xm2BeddhMHH6li:iNEh8cSLqd+sisDhgnGCBBedDMn6A

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ba7ff1c7291fffc5d73975abe06f43ee
- Size
  
  293KB
- MD5
  
  ba7ff1c7291fffc5d73975abe06f43ee
- SHA1
  
  c8d590b0cf3fd32d86aa6c60dbc13fbbd3db0994
- SHA256
  
  27bb67656f06fc1a191945ccb9c3901a6fa1f120dc9683c8e52a16d93c7643bb
- SHA512
  
  02a0e205a8abe8ff7600867ed2174b497275fc8c48fe3c624cc3705e695303c90414712713f137ae71292ab8c735b9f22303b23b970f0524f41a2e2141fcc241
- SSDEEP
  
  6144:GPdMcMANEVzGlcEDUl4qaRYVQ9JTGbusJRhgnGXcND7Xm2BeddhMHH6li:iNEh8cSLqd+sisDhgnGCBBedDMn6A
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2