996f23846945f6677831c45686a85d67be1f69e5a8048842ae8fcf07b436e701 | Triage

Sharing

General

Target

996f23846945f6677831c45686a85d67be1f69e5a8048842ae8fcf07b436e701.exe
Size

2.8MB
Sample

240629-b12mwsxhlh
MD5

ec77ef04439a7a920dca97e78f067d5b
SHA1

7861a548b68f09c6ff4a518c5e01c135baaeea94
SHA256

996f23846945f6677831c45686a85d67be1f69e5a8048842ae8fcf07b436e701
SHA512

a7a3cd82527efe283f8797a1d78a72d93f915ca885139c0d3853ec10126284fcf96d5eb4696352e7fb6e06c4e63994175acffa258f00b7a3bc964e5a58e36294
SSDEEP

49152:keA+R3ty6IeJDmR5Kj9Aw1JnFunP2ImTSmP1V2Prk0PkVxOvuTIhmCumLANXt:Vpt2ex65OS4JnwnPISmP1VGrk0ZW5CJe

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  996f23846945f6677831c45686a85d67be1f69e5a8048842ae8fcf07b436e701.exe
- Size
  
  2.8MB
- MD5
  
  ec77ef04439a7a920dca97e78f067d5b
- SHA1
  
  7861a548b68f09c6ff4a518c5e01c135baaeea94
- SHA256
  
  996f23846945f6677831c45686a85d67be1f69e5a8048842ae8fcf07b436e701
- SHA512
  
  a7a3cd82527efe283f8797a1d78a72d93f915ca885139c0d3853ec10126284fcf96d5eb4696352e7fb6e06c4e63994175acffa258f00b7a3bc964e5a58e36294
- SSDEEP
  
  49152:keA+R3ty6IeJDmR5Kj9Aw1JnFunP2ImTSmP1V2Prk0PkVxOvuTIhmCumLANXt:Vpt2ex65OS4JnwnPISmP1VGrk0ZW5CJe
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2