b61907b9081bb5d7125264c5e60de013c02b7b866148248de603fb55f8d39a18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup.exe
Size

4.9MB
Sample

241003-xvl6xasalr
MD5

340753116751ef6f5212667501a0e562
SHA1

ad4d25b43964c1c54accdcbe97a3f2ca80d15894
SHA256

b61907b9081bb5d7125264c5e60de013c02b7b866148248de603fb55f8d39a18
SHA512

d9564e38ea4000c16ebacc4a4b95925c8998d2bce33b3ad7bd0aa0b220d60f372d798591f4365b1271085036055519e4a94afd47d51ad5a2c6002e1f54ffc2f2
SSDEEP

98304:w4KoSKQ6Kob7IdoOPn49MWTB9z2OuVIsFx6fZPELW4sF+JKcNWdZRM9b7:wAXQFob7Idj/4VTbaVIsSBfFoxMnsb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  setup.exe
- Size
  
  4.9MB
- MD5
  
  340753116751ef6f5212667501a0e562
- SHA1
  
  ad4d25b43964c1c54accdcbe97a3f2ca80d15894
- SHA256
  
  b61907b9081bb5d7125264c5e60de013c02b7b866148248de603fb55f8d39a18
- SHA512
  
  d9564e38ea4000c16ebacc4a4b95925c8998d2bce33b3ad7bd0aa0b220d60f372d798591f4365b1271085036055519e4a94afd47d51ad5a2c6002e1f54ffc2f2
- SSDEEP
  
  98304:w4KoSKQ6Kob7IdoOPn49MWTB9z2OuVIsFx6fZPELW4sF+JKcNWdZRM9b7:wAXQFob7Idj/4VTbaVIsSBfFoxMnsb
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2