3649f3e01eee3c32e74acc778a6c45b45a302af06cb25cd39c3e253b77d0618f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0ad5018961b11c645688faa5ca2cee1
Size

144KB
Sample

240327-d8dl5sbh53
MD5

e0ad5018961b11c645688faa5ca2cee1
SHA1

32075dfaf77b27c402c8eac56a2315de4a6130f0
SHA256

3649f3e01eee3c32e74acc778a6c45b45a302af06cb25cd39c3e253b77d0618f
SHA512

e14e0d203a053a591c46c72c9343caf694435593f090d8eac11af537fcefc933523c74fca152df44d573a4e2d62020b2f24196452234c983a3dcb5de6188c43e
SSDEEP

3072:3v/q91EBXqOaSUYvhQ914q8izJ3srI2+IlKt:CI6S9K91J8BM2n8t

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e0ad5018961b11c645688faa5ca2cee1
- Size
  
  144KB
- MD5
  
  e0ad5018961b11c645688faa5ca2cee1
- SHA1
  
  32075dfaf77b27c402c8eac56a2315de4a6130f0
- SHA256
  
  3649f3e01eee3c32e74acc778a6c45b45a302af06cb25cd39c3e253b77d0618f
- SHA512
  
  e14e0d203a053a591c46c72c9343caf694435593f090d8eac11af537fcefc933523c74fca152df44d573a4e2d62020b2f24196452234c983a3dcb5de6188c43e
- SSDEEP
  
  3072:3v/q91EBXqOaSUYvhQ914q8izJ3srI2+IlKt:CI6S9K91J8BM2n8t
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2