f4e1d91d295e9b58b4307c700fa216f7de575542c6c2fb618da0da570803041b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4e1d91d295e9b58b4307c700fa216f7de575542c6c2fb618da0da570803041b
Size

683KB
Sample

240514-eskk7aac8t
MD5

7a2b5ff3d6b24070dec52248a58195b6
SHA1

67350975f31af28c93f31b357ac086193d74d079
SHA256

f4e1d91d295e9b58b4307c700fa216f7de575542c6c2fb618da0da570803041b
SHA512

5a13bad37bc3167c955a2f6c79777545044714bf9a10c48f7fa736c6fbe0a082c280ef3a017775fa6f4273fcb7bcc1a6da64a3d84fd4cb5d3d6b6ef7b092e6c6
SSDEEP

12288:+phltQuOZGibMVj61h8rZGibMVj61h/rZGibMVj61h:Hb9Cb97b9

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f4e1d91d295e9b58b4307c700fa216f7de575542c6c2fb618da0da570803041b
- Size
  
  683KB
- MD5
  
  7a2b5ff3d6b24070dec52248a58195b6
- SHA1
  
  67350975f31af28c93f31b357ac086193d74d079
- SHA256
  
  f4e1d91d295e9b58b4307c700fa216f7de575542c6c2fb618da0da570803041b
- SHA512
  
  5a13bad37bc3167c955a2f6c79777545044714bf9a10c48f7fa736c6fbe0a082c280ef3a017775fa6f4273fcb7bcc1a6da64a3d84fd4cb5d3d6b6ef7b092e6c6
- SSDEEP
  
  12288:+phltQuOZGibMVj61h8rZGibMVj61h/rZGibMVj61h:Hb9Cb97b9
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2