3ca21077c68f4b40993e92571eb9c1aa0051c5199e22ad17bfcc04a853017803 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ca21077c68f4b40993e92571eb9c1aa0051c5199e22ad17bfcc04a853017803
Size

1.2MB
Sample

220915-mym79sgedp
MD5

8e9b23090e60ef9bb4402b83ea3fce40
SHA1

6413820f89259e699b4f8a2ac73f5a96205012f5
SHA256

3ca21077c68f4b40993e92571eb9c1aa0051c5199e22ad17bfcc04a853017803
SHA512

898661e6ba90134728cf65025833b7b48f6c30f435297bce5317fcf1e4a643fbcc85dfd50ab18c025705c7dcdae224083addf2c3e051388056582f9495452aea
SSDEEP

12288:DiUy90RR0tyjYRxpTfjVOcIquk42YOyqkuHU2KAN3EXoZ8fyz6f2oFDlM2NHvV9d:DDy+KtyIOT24uik1KXtIoVlM25v1

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3ca21077c68f4b40993e92571eb9c1aa0051c5199e22ad17bfcc04a853017803
- Size
  
  1.2MB
- MD5
  
  8e9b23090e60ef9bb4402b83ea3fce40
- SHA1
  
  6413820f89259e699b4f8a2ac73f5a96205012f5
- SHA256
  
  3ca21077c68f4b40993e92571eb9c1aa0051c5199e22ad17bfcc04a853017803
- SHA512
  
  898661e6ba90134728cf65025833b7b48f6c30f435297bce5317fcf1e4a643fbcc85dfd50ab18c025705c7dcdae224083addf2c3e051388056582f9495452aea
- SSDEEP
  
  12288:DiUy90RR0tyjYRxpTfjVOcIquk42YOyqkuHU2KAN3EXoZ8fyz6f2oFDlM2NHvV9d:DDy+KtyIOT24uik1KXtIoVlM25v1
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2