4078e1555e73cb5c19c76b36d90cb5d75bd90ecf3622db0364864b20dab10708 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2e28539cb837e2adc3a46b597f0fcf6
Size

124KB
Sample

240312-j5bw2acd6s
MD5

c2e28539cb837e2adc3a46b597f0fcf6
SHA1

25e78b8b093b627731d4ae617d87f4f432fa6bf2
SHA256

4078e1555e73cb5c19c76b36d90cb5d75bd90ecf3622db0364864b20dab10708
SHA512

1053d907703ae88db30931b3e68edd898b878b5da5193978f8933532de14bb412f7271d8b4661819a12fcb5e2051b0348aa3c91178b05dfbe8f8364a40c118d1
SSDEEP

1536:+WrNAi6A8JWNid4qQJxH/Al/VfJLIu9aPaahYcjnjD64Pm7PQfU68i/oF:+diN8olWJLPwiK4

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c2e28539cb837e2adc3a46b597f0fcf6
- Size
  
  124KB
- MD5
  
  c2e28539cb837e2adc3a46b597f0fcf6
- SHA1
  
  25e78b8b093b627731d4ae617d87f4f432fa6bf2
- SHA256
  
  4078e1555e73cb5c19c76b36d90cb5d75bd90ecf3622db0364864b20dab10708
- SHA512
  
  1053d907703ae88db30931b3e68edd898b878b5da5193978f8933532de14bb412f7271d8b4661819a12fcb5e2051b0348aa3c91178b05dfbe8f8364a40c118d1
- SSDEEP
  
  1536:+WrNAi6A8JWNid4qQJxH/Al/VfJLIu9aPaahYcjnjD64Pm7PQfU68i/oF:+diN8olWJLPwiK4
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2