29dff93774750f7f7491597d1e5ca0390ccf7f98f2b28a1f7e829af74078b50e | Triage

Sharing

General

Target

29dff93774750f7f7491597d1e5ca0390ccf7f98f2b28a1f7e829af74078b50e
Size

56KB
Sample

221002-sgpmnabgf7
MD5

6bf9b57f0c5dede417585f341dcc2f40
SHA1

e40bf30d3a2c596df93b5fb197f5956f4eb7851b
SHA256

29dff93774750f7f7491597d1e5ca0390ccf7f98f2b28a1f7e829af74078b50e
SHA512

b9f03328af9e836d9851896c2fe477551626d22f16327030045a27ee1821556711ab32de513d6521e2c5fb6fc87423e1cf14cecc2fe8031faaa28902b0ae5322
SSDEEP

768:uyP0mzpASojkUKp2vQ3Oo4XQX+yFMw1+gWRrlLVYmYZd9zcqZf:fQjf/1QX+gMwk7rrYBbx

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  29dff93774750f7f7491597d1e5ca0390ccf7f98f2b28a1f7e829af74078b50e
- Size
  
  56KB
- MD5
  
  6bf9b57f0c5dede417585f341dcc2f40
- SHA1
  
  e40bf30d3a2c596df93b5fb197f5956f4eb7851b
- SHA256
  
  29dff93774750f7f7491597d1e5ca0390ccf7f98f2b28a1f7e829af74078b50e
- SHA512
  
  b9f03328af9e836d9851896c2fe477551626d22f16327030045a27ee1821556711ab32de513d6521e2c5fb6fc87423e1cf14cecc2fe8031faaa28902b0ae5322
- SSDEEP
  
  768:uyP0mzpASojkUKp2vQ3Oo4XQX+yFMw1+gWRrlLVYmYZd9zcqZf:fQjf/1QX+gMwk7rrYBbx
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2