ca8b3ef92f2f54af2dfd89b4584a830b2be4ac2f63890ef4df9a65729aa1517d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8cbd4ebffa4fe7198f8b41c5f3f5193
Size

51KB
Sample

240314-rcxl2aea3x
MD5

c8cbd4ebffa4fe7198f8b41c5f3f5193
SHA1

26b706fe7ae2d5e67615436cd2195e19fa3b03c0
SHA256

ca8b3ef92f2f54af2dfd89b4584a830b2be4ac2f63890ef4df9a65729aa1517d
SHA512

aa54df28cdc809bd93b44c357afbca2711f0977896842e9bebc04bc740ef6f665a9145799542886ae022b5475bbcd16122fbbe21495022c60c7222d394bd13a3
SSDEEP

768:Q6+N1XQs1qfBp3uxLDNS5cRHTQfSjRhYH:P+XXPaLEEchsihYH

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c8cbd4ebffa4fe7198f8b41c5f3f5193
- Size
  
  51KB
- MD5
  
  c8cbd4ebffa4fe7198f8b41c5f3f5193
- SHA1
  
  26b706fe7ae2d5e67615436cd2195e19fa3b03c0
- SHA256
  
  ca8b3ef92f2f54af2dfd89b4584a830b2be4ac2f63890ef4df9a65729aa1517d
- SHA512
  
  aa54df28cdc809bd93b44c357afbca2711f0977896842e9bebc04bc740ef6f665a9145799542886ae022b5475bbcd16122fbbe21495022c60c7222d394bd13a3
- SSDEEP
  
  768:Q6+N1XQs1qfBp3uxLDNS5cRHTQfSjRhYH:P+XXPaLEEchsihYH
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2