b7d90f7fad089125f0eb6f09991ec176a757fb89677dd2710bac147fb6093661 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7d90f7fad089125f0eb6f09991ec176a757fb89677dd2710bac147fb6093661
Size

1.1MB
Sample

220919-qvjbpaehdl
MD5

979682f803525bbe41dbec67cb83c453
SHA1

2cb15984198eedcd300972254ef56a5ef2cd3504
SHA256

b7d90f7fad089125f0eb6f09991ec176a757fb89677dd2710bac147fb6093661
SHA512

e8bf91e89aa4627ba222896fa67101158149b91c6fd401f356512457da3a29a6c94b824c7502ad8e3bed639a2f0cd78ba7e66cef783aa27e405bc61614ae3478
SSDEEP

12288:p7g75OSQVvVRUg4hFkSqnZQF+lluGWt8XnnuMgGEWe7/TTgxhs1:utWvVRUzhOdKF+llj6YnGWcLTuhs

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b7d90f7fad089125f0eb6f09991ec176a757fb89677dd2710bac147fb6093661
- Size
  
  1.1MB
- MD5
  
  979682f803525bbe41dbec67cb83c453
- SHA1
  
  2cb15984198eedcd300972254ef56a5ef2cd3504
- SHA256
  
  b7d90f7fad089125f0eb6f09991ec176a757fb89677dd2710bac147fb6093661
- SHA512
  
  e8bf91e89aa4627ba222896fa67101158149b91c6fd401f356512457da3a29a6c94b824c7502ad8e3bed639a2f0cd78ba7e66cef783aa27e405bc61614ae3478
- SSDEEP
  
  12288:p7g75OSQVvVRUg4hFkSqnZQF+lluGWt8XnnuMgGEWe7/TTgxhs1:utWvVRUzhOdKF+llj6YnGWcLTuhs
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2