db4d63069f8ba1604f971997cff723b7ed36153cd6b29d04ea0fc341236d9b26 | Triage

Sharing

General

Target

db4d63069f8ba1604f971997cff723b7ed36153cd6b29d04ea0fc341236d9b26
Size

2.2MB
Sample

240722-fw8b4a1ajn
MD5

ffe6422dff4cbe7efdbd7ac4983504d4
SHA1

b67e47c4469476baa69803a3183f2c5a821ad5b1
SHA256

db4d63069f8ba1604f971997cff723b7ed36153cd6b29d04ea0fc341236d9b26
SHA512

626e085ef91b16ba1d2c7211de287854b4a7e85282ccc5a863aa3603f5249ad6dcd2ae2127142268341a5cc28d91ba4f6b9bab3bef268f35e3e683ee929bf499
SSDEEP

49152:z79Bu1YpCIlTKgirv6NruEf9MpehiCcOIo8R+jl3W:zpBu2flTXmpehGOV8cjRW

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  db4d63069f8ba1604f971997cff723b7ed36153cd6b29d04ea0fc341236d9b26
- Size
  
  2.2MB
- MD5
  
  ffe6422dff4cbe7efdbd7ac4983504d4
- SHA1
  
  b67e47c4469476baa69803a3183f2c5a821ad5b1
- SHA256
  
  db4d63069f8ba1604f971997cff723b7ed36153cd6b29d04ea0fc341236d9b26
- SHA512
  
  626e085ef91b16ba1d2c7211de287854b4a7e85282ccc5a863aa3603f5249ad6dcd2ae2127142268341a5cc28d91ba4f6b9bab3bef268f35e3e683ee929bf499
- SSDEEP
  
  49152:z79Bu1YpCIlTKgirv6NruEf9MpehiCcOIo8R+jl3W:zpBu2flTXmpehGOV8cjRW
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2