eeec380bc0e54fa466fb2a4c112338a331605eee2d72e6a02b43d0722bb5ff05 | Triage

Sharing

General

Target

eeec380bc0e54fa466fb2a4c112338a331605eee2d72e6a02b43d0722bb5ff05.exe
Size

1.4MB
Sample

240522-c3y58ahg7x
MD5

edbf4842d10360edac2a88c3ae864066
SHA1

f9e557a2a1c1afaffe9fe552894fac5d20e8b996
SHA256

eeec380bc0e54fa466fb2a4c112338a331605eee2d72e6a02b43d0722bb5ff05
SHA512

30364bfb24e0e7399fbaba3af82c8a76bdcb048c121672bf173dccf264c0cf5748f776135f1bf44f1d1d93553055fa53ea54aad36f9c3fc3dd5e86385f3d1bf7
SSDEEP

24576:Xm8t+0HTQUpDZJH6s5KeqzLQ5yAl6uEweQq8TWQNojuemE9qkKi04BKP3cxw:7B29zLQ7zdWcfQnw3d

Score

9^/10

persistence

Malware Config

Targets

- Target
  
  eeec380bc0e54fa466fb2a4c112338a331605eee2d72e6a02b43d0722bb5ff05.exe
- Size
  
  1.4MB
- MD5
  
  edbf4842d10360edac2a88c3ae864066
- SHA1
  
  f9e557a2a1c1afaffe9fe552894fac5d20e8b996
- SHA256
  
  eeec380bc0e54fa466fb2a4c112338a331605eee2d72e6a02b43d0722bb5ff05
- SHA512
  
  30364bfb24e0e7399fbaba3af82c8a76bdcb048c121672bf173dccf264c0cf5748f776135f1bf44f1d1d93553055fa53ea54aad36f9c3fc3dd5e86385f3d1bf7
- SSDEEP
  
  24576:Xm8t+0HTQUpDZJH6s5KeqzLQ5yAl6uEweQq8TWQNojuemE9qkKi04BKP3cxw:7B29zLQ7zdWcfQnw3d
Score

9^/10

persistence
- Detects executables packed with or use KoiVM
- Adds policy Run key to start application
  persistence
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2