adfda243fa85cb545751d4639b844332843eec5dd4d424bc973005bff84ec17e | Triage

Sharing

General

Target

adfda243fa85cb545751d4639b844332843eec5dd4d424bc973005bff84ec17e
Size

1.1MB
Sample

200624-tgwkn56tfj
MD5

771d64a701a7827fb3229f98ad3ff858
SHA1

22b487be37f13797100c3348e1c9a3a254b41abc
SHA256

adfda243fa85cb545751d4639b844332843eec5dd4d424bc973005bff84ec17e
SHA512

662cc2147d316c4de5891f40639ede5d77caf97ea10cc2127e2b1066f286f22ada17ae0b57ab99ffd9f98e4ebbc6355cec2c8da86ebe7198a4a6bde2e33181eb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  adfda243fa85cb545751d4639b844332843eec5dd4d424bc973005bff84ec17e
- Size
  
  1.1MB
- MD5
  
  771d64a701a7827fb3229f98ad3ff858
- SHA1
  
  22b487be37f13797100c3348e1c9a3a254b41abc
- SHA256
  
  adfda243fa85cb545751d4639b844332843eec5dd4d424bc973005bff84ec17e
- SHA512
  
  662cc2147d316c4de5891f40639ede5d77caf97ea10cc2127e2b1066f286f22ada17ae0b57ab99ffd9f98e4ebbc6355cec2c8da86ebe7198a4a6bde2e33181eb
Score

8^/10

persistence
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Adds Run entry to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2