d02a35a91db8aa7e7d62ef72bad9719d4490f8f626c504c027347e8981ff20b9 | Triage

Sharing

General

Target

efc1462c7e7cec64c7c4415a055b7ffd.bin
Size

38KB
Sample

240705-d99qzathme
MD5

c7555385e59199e49b664928dec21556
SHA1

f9b78582f233658d0a85be69e8067245e7aaf5b4
SHA256

d02a35a91db8aa7e7d62ef72bad9719d4490f8f626c504c027347e8981ff20b9
SHA512

18ecc730396067b559a0b15ebda26cfcd9443839382b903a217a934a1935e03f0852bf5bc610e8641ad1ddd13f085dbcc8550def04aaae9c1d2763da93cb63ea
SSDEEP

768:YzBZPhvMi8b2BfqH9m2pNiJu+u2I6m92zK99z80atBCB71zD87gfq:YzB5ESBV2ys+VJzK99z80bDzgcfq

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  0f76792935529fd3037fa201ae6b0d644f793972d3ce28bd4d473d1d56eeb8ab.exe
- Size
  
  51KB
- MD5
  
  efc1462c7e7cec64c7c4415a055b7ffd
- SHA1
  
  85a6993f8d94df4ae64fcde7952324ca8fa0fa15
- SHA256
  
  0f76792935529fd3037fa201ae6b0d644f793972d3ce28bd4d473d1d56eeb8ab
- SHA512
  
  ef1dd04b2a1e01227159406cff69b785578d31e74d4a52d608eea539e846e726ba9255e7eba609aceb36e15dc19462765173df731a7002c0a1d6a25d5f219a89
- SSDEEP
  
  768:sk8QK8+NQdzo+YoSaGvx1F7+BXns5SDRWdo6IygHtWt5KN8VafEG6rp1D:ni80QVCV+BX2SdWOvPHktsNsEbgD
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2