91b60b1ae0b37343c671b632eb3e358d9a5029c9c6405556ba835528c67fd6d8 | Triage

Sharing

General

Target

91b60b1ae0b37343c671b632eb3e358d9a5029c9c6405556ba835528c67fd6d8.exe
Size

1.8MB
Sample

240905-pphbrs1bkp
MD5

98c1a12ce79248bbdb4c8a65fc227e58
SHA1

259ae7a3d239a352db772433075f649d5fbda8e7
SHA256

91b60b1ae0b37343c671b632eb3e358d9a5029c9c6405556ba835528c67fd6d8
SHA512

a08eb3182c8cc7b3cc7880ff644de60951a3476dd0325b63d306f1c7f48cde40d21bfa76d85a23c6a6f545f16b30d99372f8bfb876d1c1ae928ad75e713a8c7e
SSDEEP

49152:tTvC/MTQYxsWR7a05iPEgLwJqejB/aWN7vaYz:BjTQYxsWR3gMJqWaAJ

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  91b60b1ae0b37343c671b632eb3e358d9a5029c9c6405556ba835528c67fd6d8.exe
- Size
  
  1.8MB
- MD5
  
  98c1a12ce79248bbdb4c8a65fc227e58
- SHA1
  
  259ae7a3d239a352db772433075f649d5fbda8e7
- SHA256
  
  91b60b1ae0b37343c671b632eb3e358d9a5029c9c6405556ba835528c67fd6d8
- SHA512
  
  a08eb3182c8cc7b3cc7880ff644de60951a3476dd0325b63d306f1c7f48cde40d21bfa76d85a23c6a6f545f16b30d99372f8bfb876d1c1ae928ad75e713a8c7e
- SSDEEP
  
  49152:tTvC/MTQYxsWR7a05iPEgLwJqejB/aWN7vaYz:BjTQYxsWR3gMJqWaAJ
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2