2a7bc92ba6c0b1e2aa9439fdc63d4c9b03928a83444155828538cd8e78362ad5 | Triage

Sharing

General

Target

uncategorized_4.5.4.5.vir
Size

224KB
Sample

200719-6wjags94xn
MD5

915cc8c31e37f88a6be43ae64602acd4
SHA1

d043149e6050497ab7ae81d29419c586e5e9cf64
SHA256

2a7bc92ba6c0b1e2aa9439fdc63d4c9b03928a83444155828538cd8e78362ad5
SHA512

0ce24074a6d06bc3f6419490319a90814bf06bbb0faa98e4ba49ffe6b8c91cf2352fd0aac19f79dd0bbbcf39fc22f028a0df906f3365c953f03ddb4956969a2a

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  uncategorized_4.5.4.5.vir
- Size
  
  224KB
- MD5
  
  915cc8c31e37f88a6be43ae64602acd4
- SHA1
  
  d043149e6050497ab7ae81d29419c586e5e9cf64
- SHA256
  
  2a7bc92ba6c0b1e2aa9439fdc63d4c9b03928a83444155828538cd8e78362ad5
- SHA512
  
  0ce24074a6d06bc3f6419490319a90814bf06bbb0faa98e4ba49ffe6b8c91cf2352fd0aac19f79dd0bbbcf39fc22f028a0df906f3365c953f03ddb4956969a2a
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2