81b72dabb79d99cd2701b6405f3c3cdbc6852eccba5a789a3361972bca94705e | Triage

Sharing

General

Target

e1427dd223d598de6776c63188257aa6
Size

267KB
Sample

240327-kpdlcsgf76
MD5

e1427dd223d598de6776c63188257aa6
SHA1

23c11ae8b5cb4eff46ada822ac14eb95d1b211be
SHA256

81b72dabb79d99cd2701b6405f3c3cdbc6852eccba5a789a3361972bca94705e
SHA512

74408ad7f2d14a21f40f0b737927077ebfd1bfc5aba561fe0ec0310d677ab712afe54bf8d82eefd4aa31862afb62be5a6f6d5d7591f40e460903f685b10b1281
SSDEEP

6144:KxZamgSKM0PgEN4mgMFUYm1IranWqq5AdAxlY8x:KWZM0Ihm/FUYua2IRx

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e1427dd223d598de6776c63188257aa6
- Size
  
  267KB
- MD5
  
  e1427dd223d598de6776c63188257aa6
- SHA1
  
  23c11ae8b5cb4eff46ada822ac14eb95d1b211be
- SHA256
  
  81b72dabb79d99cd2701b6405f3c3cdbc6852eccba5a789a3361972bca94705e
- SHA512
  
  74408ad7f2d14a21f40f0b737927077ebfd1bfc5aba561fe0ec0310d677ab712afe54bf8d82eefd4aa31862afb62be5a6f6d5d7591f40e460903f685b10b1281
- SSDEEP
  
  6144:KxZamgSKM0PgEN4mgMFUYm1IranWqq5AdAxlY8x:KWZM0Ihm/FUYua2IRx
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2