General

  • Target

    d86f9b4228662e425a24fd1c13617087

  • Size

    293KB

  • Sample

    240320-k67krseb3v

  • MD5

    d86f9b4228662e425a24fd1c13617087

  • SHA1

    0203e3d73b79d1560c9cb793241b0cb7a9686974

  • SHA256

    1ef7db195fc7d94d8761d52f07b57f9e284dae1008af96fea13ec96f205c8ce7

  • SHA512

    252cb4d558abe39c00ad4b89556ed3c4eddb6315ecf2e83198156997e01dedd078633bebae396435cbf8c29892e6f7bd1180bd94de18c682889b145125f06928

  • SSDEEP

    6144:bPdM9MANEVzGlcEDUl4qaRYVQLJTGbusJRhgnGXcLD7Xm2BeddhMHAO+9d:wNEh8cSLqdIsisDhgnG4BBedDMgO+P

Score
7/10

Malware Config

Targets

    • Target

      d86f9b4228662e425a24fd1c13617087

    • Size

      293KB

    • MD5

      d86f9b4228662e425a24fd1c13617087

    • SHA1

      0203e3d73b79d1560c9cb793241b0cb7a9686974

    • SHA256

      1ef7db195fc7d94d8761d52f07b57f9e284dae1008af96fea13ec96f205c8ce7

    • SHA512

      252cb4d558abe39c00ad4b89556ed3c4eddb6315ecf2e83198156997e01dedd078633bebae396435cbf8c29892e6f7bd1180bd94de18c682889b145125f06928

    • SSDEEP

      6144:bPdM9MANEVzGlcEDUl4qaRYVQLJTGbusJRhgnGXcLD7Xm2BeddhMHAO+9d:wNEh8cSLqdIsisDhgnG4BBedDMgO+P

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Tasks