1997453fbb12d79e5bfda04e7d911cd4e0fb82b4f9056b7f9af2edef01729611 | Triage

Sharing

General

Target

1997453fbb12d79e5bfda04e7d911cd4e0fb82b4f9056b7f9af2edef01729611
Size

369KB
Sample

240522-xtny4sdc33
MD5

02a65249fbdfa2a8dc85b9d720f9ba36
SHA1

4c54ef3340d4fbe1efbc13beb593a13dbf7e21c2
SHA256

1997453fbb12d79e5bfda04e7d911cd4e0fb82b4f9056b7f9af2edef01729611
SHA512

ae688d7145beded9cc8a4a5ed3514b665074c62d8253ec6e1126d7599cb1ab1fc69ddb88f4e6ad301f089a5990b63d2f0c7e4fa31ad76e21ea91937c1e733464
SSDEEP

6144:7Drk+NT4H3iYY9MzvNm569af8ToAgx5UquY9:7sCEH3iL9MLNA6IfogTM

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1997453fbb12d79e5bfda04e7d911cd4e0fb82b4f9056b7f9af2edef01729611
- Size
  
  369KB
- MD5
  
  02a65249fbdfa2a8dc85b9d720f9ba36
- SHA1
  
  4c54ef3340d4fbe1efbc13beb593a13dbf7e21c2
- SHA256
  
  1997453fbb12d79e5bfda04e7d911cd4e0fb82b4f9056b7f9af2edef01729611
- SHA512
  
  ae688d7145beded9cc8a4a5ed3514b665074c62d8253ec6e1126d7599cb1ab1fc69ddb88f4e6ad301f089a5990b63d2f0c7e4fa31ad76e21ea91937c1e733464
- SSDEEP
  
  6144:7Drk+NT4H3iYY9MzvNm569af8ToAgx5UquY9:7sCEH3iL9MLNA6IfogTM
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2