36b190f8fb5a27e417b1bc6c11d5fdca21cd13b8e0fdb027a40d50a39fa5e255 | Triage

Sharing

General

Target

df68efb674b30e3c367ba59b823afb29
Size

321KB
Sample

240326-r1pw4afd9y
MD5

df68efb674b30e3c367ba59b823afb29
SHA1

7408e49181a50cf41a42507f8f9eccc22d7ab799
SHA256

36b190f8fb5a27e417b1bc6c11d5fdca21cd13b8e0fdb027a40d50a39fa5e255
SHA512

e4a027b3eb6f318a194281cd43ce575dc77598cefb8846d14d01d3af914dc9f9cdac0c1439a9199a350d0a9ec7b5fa88dabadb38e4b2449d2b96ae3514ecb554
SSDEEP

6144:2wTTuHg4DQC6ziRo0sYXkvDm5TsCQIaNEN4xxgBuixuqFsE6a7ZR:DopF6K1diUIIaNniBunq+nar

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  df68efb674b30e3c367ba59b823afb29
- Size
  
  321KB
- MD5
  
  df68efb674b30e3c367ba59b823afb29
- SHA1
  
  7408e49181a50cf41a42507f8f9eccc22d7ab799
- SHA256
  
  36b190f8fb5a27e417b1bc6c11d5fdca21cd13b8e0fdb027a40d50a39fa5e255
- SHA512
  
  e4a027b3eb6f318a194281cd43ce575dc77598cefb8846d14d01d3af914dc9f9cdac0c1439a9199a350d0a9ec7b5fa88dabadb38e4b2449d2b96ae3514ecb554
- SSDEEP
  
  6144:2wTTuHg4DQC6ziRo0sYXkvDm5TsCQIaNEN4xxgBuixuqFsE6a7ZR:DopF6K1diUIIaNniBunq+nar
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2