87ee67f1e78c16eada84ac5556ab89e362b981e1eee451847b24dafc75407d52 | Triage

Sharing

General

Target

382db96e1f5b85751ad6beb6069f63ce
Size

91KB
Sample

240410-gpr7zaeh56
MD5

382db96e1f5b85751ad6beb6069f63ce
SHA1

ba27e811a389259f5bcdf85b19dc8a9e73dae430
SHA256

87ee67f1e78c16eada84ac5556ab89e362b981e1eee451847b24dafc75407d52
SHA512

cb4445cfe57c34cc66de8c272f0c5f72441e953969b784b1291d104d085d98c8edb275db85eccf9fe30544ebf16844362dff91a7203ccaa1605dbb7afa965700
SSDEEP

1536:sS19M28horJ1ZwaoP854fw163usin62EGUMCvx6U:sSPr8GJ1ZK64fy63u/6LG2N

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  382db96e1f5b85751ad6beb6069f63ce
- Size
  
  91KB
- MD5
  
  382db96e1f5b85751ad6beb6069f63ce
- SHA1
  
  ba27e811a389259f5bcdf85b19dc8a9e73dae430
- SHA256
  
  87ee67f1e78c16eada84ac5556ab89e362b981e1eee451847b24dafc75407d52
- SHA512
  
  cb4445cfe57c34cc66de8c272f0c5f72441e953969b784b1291d104d085d98c8edb275db85eccf9fe30544ebf16844362dff91a7203ccaa1605dbb7afa965700
- SSDEEP
  
  1536:sS19M28horJ1ZwaoP854fw163usin62EGUMCvx6U:sSPr8GJ1ZK64fy63u/6LG2N
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2