bd06c65007396a3315e45fffca0ac2ad542b939abce59f6b552308d106f50468 | Triage

Sharing

General

Target

bd06c65007396a3315e45fffca0ac2ad542b939abce59f6b552308d106f50468
Size

127KB
Sample

221002-jjjprafebl
MD5

6455373da16152426d34a86eb11f7a10
SHA1

63865ef4466392f0377451aee098afe986c4a8b3
SHA256

bd06c65007396a3315e45fffca0ac2ad542b939abce59f6b552308d106f50468
SHA512

26042fb0f6ccb983dca7ad836ba665afe066a1c4305e140d7c036a72a2a381cb93c5efa08636cd0e55366d435cdc5342fa91b4b61ca40aeda479dba44331ae50
SSDEEP

1536:l6u6YB56XJ6owvzbNfURp4VntUhtH7Vi4BhihkLewbAWHoKIObgtH5AXWn7eMsaq:l6uB28owvlrVnihVVi4HJLTsXpQl

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bd06c65007396a3315e45fffca0ac2ad542b939abce59f6b552308d106f50468
- Size
  
  127KB
- MD5
  
  6455373da16152426d34a86eb11f7a10
- SHA1
  
  63865ef4466392f0377451aee098afe986c4a8b3
- SHA256
  
  bd06c65007396a3315e45fffca0ac2ad542b939abce59f6b552308d106f50468
- SHA512
  
  26042fb0f6ccb983dca7ad836ba665afe066a1c4305e140d7c036a72a2a381cb93c5efa08636cd0e55366d435cdc5342fa91b4b61ca40aeda479dba44331ae50
- SSDEEP
  
  1536:l6u6YB56XJ6owvzbNfURp4VntUhtH7Vi4BhihkLewbAWHoKIObgtH5AXWn7eMsaq:l6uB28owvlrVnihVVi4HJLTsXpQl
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2