4b2e37c9809a2ffa234e8eb9fa137fb2188c773a0cf2271514d617efb947d566 | Triage

Sharing

General

Target

4b2e37c9809a2ffa234e8eb9fa137fb2188c773a0cf2271514d617efb947d566.exe
Size

2.7MB
Sample

240523-bthw7sge3s
MD5

f41ef729f02f8afcdf2cea268db43e84
SHA1

00b74ac191c337de1b17b0b6c8aee6ad1746bb82
SHA256

4b2e37c9809a2ffa234e8eb9fa137fb2188c773a0cf2271514d617efb947d566
SHA512

1cf03fe606df86ee02c2ff4a25ebb8cbe61710afd0a5d3140aff1184d5aa2c367f66ca05e2daa3758b84e1e50ae6e3e0bad89582622a4e2caaefacfd18c88023
SSDEEP

24576:+qCdMP5SdezpyFNrhSCPuoX0k6O2BusxExVJhekLg31+mYGnKBFbJETXHOaTKYfj:+P6hSrcCPT0JkLg31+mYGnKDuTXh3z1

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4b2e37c9809a2ffa234e8eb9fa137fb2188c773a0cf2271514d617efb947d566.exe
- Size
  
  2.7MB
- MD5
  
  f41ef729f02f8afcdf2cea268db43e84
- SHA1
  
  00b74ac191c337de1b17b0b6c8aee6ad1746bb82
- SHA256
  
  4b2e37c9809a2ffa234e8eb9fa137fb2188c773a0cf2271514d617efb947d566
- SHA512
  
  1cf03fe606df86ee02c2ff4a25ebb8cbe61710afd0a5d3140aff1184d5aa2c367f66ca05e2daa3758b84e1e50ae6e3e0bad89582622a4e2caaefacfd18c88023
- SSDEEP
  
  24576:+qCdMP5SdezpyFNrhSCPuoX0k6O2BusxExVJhekLg31+mYGnKBFbJETXHOaTKYfj:+P6hSrcCPT0JkLg31+mYGnKDuTXh3z1
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2