c25ca0f5dc6fc712c42971c4cc809790b47df3800de0e4cd4d0cc292b4b321d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d708230c6b0553c46b1823c81cb42710N
Size

20KB
Sample

240914-gk27dazajk
MD5

d708230c6b0553c46b1823c81cb42710
SHA1

0ad73c8badaca44cc1af4836619446231eb4b19d
SHA256

c25ca0f5dc6fc712c42971c4cc809790b47df3800de0e4cd4d0cc292b4b321d3
SHA512

96321800b0f37ba4e18b676dbda26cd77c7f17541faa416b2b862d0234c59c571e322506335867a181d1b93411ba4a16a0a33688c0aef5298c679685d4b42c72
SSDEEP

384:mpUITkouRNupKHXb9Ga5wFOyHt2cBCqjsKKh0v34F2s:MqjHXTwFOpbHGH

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  d708230c6b0553c46b1823c81cb42710N
- Size
  
  20KB
- MD5
  
  d708230c6b0553c46b1823c81cb42710
- SHA1
  
  0ad73c8badaca44cc1af4836619446231eb4b19d
- SHA256
  
  c25ca0f5dc6fc712c42971c4cc809790b47df3800de0e4cd4d0cc292b4b321d3
- SHA512
  
  96321800b0f37ba4e18b676dbda26cd77c7f17541faa416b2b862d0234c59c571e322506335867a181d1b93411ba4a16a0a33688c0aef5298c679685d4b42c72
- SSDEEP
  
  384:mpUITkouRNupKHXb9Ga5wFOyHt2cBCqjsKKh0v34F2s:MqjHXTwFOpbHGH
Score

7^/10

discovery persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2