920cdd05c70c88f60d93018616cb08a8946ce9a8e8397b9771fb5c96601d3c22 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

silent_test.exe
Size

5.6MB
Sample

240410-nzmhsshg41
MD5

d4c541a971cb5d41e2de0d1f3d4b9897
SHA1

39f6b1835dd006fc53fd5edea203374f93b2d2aa
SHA256

920cdd05c70c88f60d93018616cb08a8946ce9a8e8397b9771fb5c96601d3c22
SHA512

dc07256a22ff0f1d60ac735565b338e0a24592c969bfe67b575d851f2e904d9c043bdb6a89b1c4331379a2da085edb68ef21561a82f3f2dc66872cfb284ef736
SSDEEP

98304:UrHfO5U6jlYYF/bcufKDoEdeB2ufnGL2OxzA1ARlfwFbSN3kz:UrHfilYubTKDxui6OxzkbSNO

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  silent_test.exe
- Size
  
  5.6MB
- MD5
  
  d4c541a971cb5d41e2de0d1f3d4b9897
- SHA1
  
  39f6b1835dd006fc53fd5edea203374f93b2d2aa
- SHA256
  
  920cdd05c70c88f60d93018616cb08a8946ce9a8e8397b9771fb5c96601d3c22
- SHA512
  
  dc07256a22ff0f1d60ac735565b338e0a24592c969bfe67b575d851f2e904d9c043bdb6a89b1c4331379a2da085edb68ef21561a82f3f2dc66872cfb284ef736
- SSDEEP
  
  98304:UrHfO5U6jlYYF/bcufKDoEdeB2ufnGL2OxzA1ARlfwFbSN3kz:UrHfilYubTKDxui6OxzkbSNO
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1