b5d3f8144267d307184ff4ca2353ea1040b329ce11cc9c9bc97ceb951f73fb9e | Triage

Sharing

General

Target

26ef4aefee21fdc4379e678f1fe3ceef.bin
Size

1.7MB
Sample

240611-b462sazemn
MD5

c062dc62931a58ac38fbb7a11e4b324a
SHA1

094efc0ec6b529e6763585bd927b3de85cc75bfe
SHA256

b5d3f8144267d307184ff4ca2353ea1040b329ce11cc9c9bc97ceb951f73fb9e
SHA512

54e2195f41610ab0e7772f58b86bd417636994d0471bb6ac04f3be7dfaff87d2cd4cfe96088f8ba411d8e7396622544fe9f2d658847cbf0c3561becf7021d338
SSDEEP

49152:MPd6PYN4oejsTto25sNCPZT01s9087NURTB5fJZ3:G6wN4uYNChTSEZ7NUn5L

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c1b13b5d0cfc0ecb0d05f8d95ccb316804135fc89d2ee7f9b87fa3f1dc86f155.exe
- Size
  
  4.2MB
- MD5
  
  26ef4aefee21fdc4379e678f1fe3ceef
- SHA1
  
  e60856379a003e393e6326b94b0698fa0eed1dd8
- SHA256
  
  c1b13b5d0cfc0ecb0d05f8d95ccb316804135fc89d2ee7f9b87fa3f1dc86f155
- SHA512
  
  b5a74efc2587178d9d77d80e16815d71f2065f5d5d735fb35772148974eb1aecad778d40d9924b84800c18ba0b2891ffecdac5fa272ceec1a7258924838e9e3b
- SSDEEP
  
  24576:JHil3/cLqLsJd/YXra2060aDrJ74Pw5cHuxXSiEH2jwsoSLQ5I+ZI29Yd/PhbdDi:
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2