ca814954c6adf09dd7721de7f65d343142a2f03abde1d984a0686e40e54b0461 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca814954c6adf09dd7721de7f65d343142a2f03abde1d984a0686e40e54b0461
Size

309KB
Sample

221001-15ljxahfe5
MD5

4b3cde9a1d0e4e64aede4a781a6c2910
SHA1

501767eb5f4f7a9aaef4284f2489c8213d7927a4
SHA256

ca814954c6adf09dd7721de7f65d343142a2f03abde1d984a0686e40e54b0461
SHA512

9cb9c94359a19ad747bb7f2cb716d29b88ac41a4ea28394f7b9d803340e915000c58210d3e508e5ddf0004eac721037c1c563ac8b2b2d602e15363ac04b78709
SSDEEP

6144:PgmYsNmUtb976RsQL8NbKXpHpUcPtGjDK6rTR+/XLxEOAwGZQBzpx:P9FNXbkGy8Nb+JD12DK6x+/XLqOAwGZm

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ca814954c6adf09dd7721de7f65d343142a2f03abde1d984a0686e40e54b0461
- Size
  
  309KB
- MD5
  
  4b3cde9a1d0e4e64aede4a781a6c2910
- SHA1
  
  501767eb5f4f7a9aaef4284f2489c8213d7927a4
- SHA256
  
  ca814954c6adf09dd7721de7f65d343142a2f03abde1d984a0686e40e54b0461
- SHA512
  
  9cb9c94359a19ad747bb7f2cb716d29b88ac41a4ea28394f7b9d803340e915000c58210d3e508e5ddf0004eac721037c1c563ac8b2b2d602e15363ac04b78709
- SSDEEP
  
  6144:PgmYsNmUtb976RsQL8NbKXpHpUcPtGjDK6rTR+/XLxEOAwGZQBzpx:P9FNXbkGy8Nb+JD12DK6x+/XLqOAwGZm
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2