8a3c4170a103e1695a2b70379c43266398759b3e02a841a75b08ecfa5716860d | Triage

Sharing

General

Target

Build.exe
Size

701KB
Sample

240721-y3w7hssglc
MD5

0efd05c0e785394f55153d5b9c04daf5
SHA1

16e820e2f124ce21db4633379c475cff7c7448f3
SHA256

8a3c4170a103e1695a2b70379c43266398759b3e02a841a75b08ecfa5716860d
SHA512

84e2060eae231df6916273cd13b24f40145d6e2375b3b21ba1e5d685d8bd37c9cdce01c8975548b2db7e4ace15cb53d5b5883d315fa4120fed208f66f1580946
SSDEEP

6144:57A/Mm07sENIsRctX5rUvQSNj0LZOWM8yucn:5U/MbirU1Nj0LZOd8yus

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Build.exe
- Size
  
  701KB
- MD5
  
  0efd05c0e785394f55153d5b9c04daf5
- SHA1
  
  16e820e2f124ce21db4633379c475cff7c7448f3
- SHA256
  
  8a3c4170a103e1695a2b70379c43266398759b3e02a841a75b08ecfa5716860d
- SHA512
  
  84e2060eae231df6916273cd13b24f40145d6e2375b3b21ba1e5d685d8bd37c9cdce01c8975548b2db7e4ace15cb53d5b5883d315fa4120fed208f66f1580946
- SSDEEP
  
  6144:57A/Mm07sENIsRctX5rUvQSNj0LZOWM8yucn:5U/MbirU1Nj0LZOd8yus
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2