b8e4e889414c9bcb072f33dc183b340d67c7f600d276016994927bd80bb3c0ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8e4e889414c9bcb072f33dc183b340d67c7f600d276016994927bd80bb3c0ac
Size

670KB
Sample

220919-w8hvzagdgp
MD5

6786131a5fec937e51c9e6c6bb5189d2
SHA1

4ddbdc8f2082a428ac977ee329dbaa65cf17f27f
SHA256

b8e4e889414c9bcb072f33dc183b340d67c7f600d276016994927bd80bb3c0ac
SHA512

4374440443eae3d9d8b7f6bb4cd830f806c729f34a35977dc0bb7c0c4b889da9fa68c61870c39fbeb9c4c4c874a46b7bcb0c3fa01635349ae52562d34b95087b
SSDEEP

12288:Uvy0ocBdAwVSFmxG1kae03LMRkxDpnBgefF3Z4mxxJoEtlK+kt9T2MdX:UvyP8VCde03ikxNBLQmXKGA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b8e4e889414c9bcb072f33dc183b340d67c7f600d276016994927bd80bb3c0ac
- Size
  
  670KB
- MD5
  
  6786131a5fec937e51c9e6c6bb5189d2
- SHA1
  
  4ddbdc8f2082a428ac977ee329dbaa65cf17f27f
- SHA256
  
  b8e4e889414c9bcb072f33dc183b340d67c7f600d276016994927bd80bb3c0ac
- SHA512
  
  4374440443eae3d9d8b7f6bb4cd830f806c729f34a35977dc0bb7c0c4b889da9fa68c61870c39fbeb9c4c4c874a46b7bcb0c3fa01635349ae52562d34b95087b
- SSDEEP
  
  12288:Uvy0ocBdAwVSFmxG1kae03LMRkxDpnBgefF3Z4mxxJoEtlK+kt9T2MdX:UvyP8VCde03ikxNBLQmXKGA
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2