f4b54c6b7f62071eb0ed98e67a610199a135188e391ceda017c5b12cf03afa52 | Triage

Sharing

General

Target

f4b54c6b7f62071eb0ed98e67a610199a135188e391ceda017c5b12cf03afa52
Size

201KB
Sample

221003-arew4aadbp
MD5

0409620c4356adbec68ff60e2b5d47e2
SHA1

36504ba064e13304099fc7882ffc49f8ae878cf0
SHA256

f4b54c6b7f62071eb0ed98e67a610199a135188e391ceda017c5b12cf03afa52
SHA512

16a5899b8c611c715146bf77741e5eff9d4e9cdf26867e547c05a75fe0bb7864616d3534d7d1a935947ae6df4101b3a32d4a8411be6f76be76c2b8b417b8797e
SSDEEP

3072:mFPlX1/xl0IXHvrPADAxNDcgCtLF5lktYlVGsavKCjKEOnC:mF9X1/xl3rPADAxJothQtltvK7nC

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f4b54c6b7f62071eb0ed98e67a610199a135188e391ceda017c5b12cf03afa52
- Size
  
  201KB
- MD5
  
  0409620c4356adbec68ff60e2b5d47e2
- SHA1
  
  36504ba064e13304099fc7882ffc49f8ae878cf0
- SHA256
  
  f4b54c6b7f62071eb0ed98e67a610199a135188e391ceda017c5b12cf03afa52
- SHA512
  
  16a5899b8c611c715146bf77741e5eff9d4e9cdf26867e547c05a75fe0bb7864616d3534d7d1a935947ae6df4101b3a32d4a8411be6f76be76c2b8b417b8797e
- SSDEEP
  
  3072:mFPlX1/xl0IXHvrPADAxNDcgCtLF5lktYlVGsavKCjKEOnC:mF9X1/xl3rPADAxJothQtltvK7nC
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2