cbeb755f68b8eb15b548670e3a0d6e9b07dfb2f9d3beedecfbc48ba8c27ace6b | Triage

Sharing

General

Target

cbeb755f68b8eb15b548670e3a0d6e9b07dfb2f9d3beedecfbc48ba8c27ace6b
Size

128KB
Sample

221001-15b1gaahfq
MD5

6b0c41b128bc7fd2e37b49b35a35ac82
SHA1

831158561163394c5cfa10b07b494fc050f6419c
SHA256

cbeb755f68b8eb15b548670e3a0d6e9b07dfb2f9d3beedecfbc48ba8c27ace6b
SHA512

11231f6b6c792f25230b9b02aaa75dcd22c7c543b023ae4592ac23bc421d9c72290018eca4c2c8924692789b1d7abba93dfb28af0f8a89773f3306214e0f368a
SSDEEP

3072:WYbt6GNvYvwcz9gNvcMoY4sXDkOD6yM/w6:TNvYw9chY1YfyM/w6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cbeb755f68b8eb15b548670e3a0d6e9b07dfb2f9d3beedecfbc48ba8c27ace6b
- Size
  
  128KB
- MD5
  
  6b0c41b128bc7fd2e37b49b35a35ac82
- SHA1
  
  831158561163394c5cfa10b07b494fc050f6419c
- SHA256
  
  cbeb755f68b8eb15b548670e3a0d6e9b07dfb2f9d3beedecfbc48ba8c27ace6b
- SHA512
  
  11231f6b6c792f25230b9b02aaa75dcd22c7c543b023ae4592ac23bc421d9c72290018eca4c2c8924692789b1d7abba93dfb28af0f8a89773f3306214e0f368a
- SSDEEP
  
  3072:WYbt6GNvYvwcz9gNvcMoY4sXDkOD6yM/w6:TNvYw9chY1YfyM/w6
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2