111491f3d2c6b2d02588a285b3cbbe24cf96872a75691fba45ddc864454d9cac | Triage

Sharing

General

Target

111491f3d2c6b2d02588a285b3cbbe24cf96872a75691fba45ddc864454d9cac
Size

310KB
Sample

221003-bz42maage5
MD5

65fdbb3a71a31e567bd2463213e088e0
SHA1

c10c799b1388f09b991970a9ae8adfe33260b611
SHA256

111491f3d2c6b2d02588a285b3cbbe24cf96872a75691fba45ddc864454d9cac
SHA512

a093548330939aedcf12c2301932e7a606e8eb2e4f7306b855ecb28e7a12579dfb69cdf30376da530ea13360978feb56a91a7d5bf89980ffd03a49fde826b579
SSDEEP

6144:GUG/5j2IeB21yUFANQlD8Vn7hyogv+8GjOmvAQj/THLK:RhIgeydQl4Jtyom3GjlIQO

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  111491f3d2c6b2d02588a285b3cbbe24cf96872a75691fba45ddc864454d9cac
- Size
  
  310KB
- MD5
  
  65fdbb3a71a31e567bd2463213e088e0
- SHA1
  
  c10c799b1388f09b991970a9ae8adfe33260b611
- SHA256
  
  111491f3d2c6b2d02588a285b3cbbe24cf96872a75691fba45ddc864454d9cac
- SHA512
  
  a093548330939aedcf12c2301932e7a606e8eb2e4f7306b855ecb28e7a12579dfb69cdf30376da530ea13360978feb56a91a7d5bf89980ffd03a49fde826b579
- SSDEEP
  
  6144:GUG/5j2IeB21yUFANQlD8Vn7hyogv+8GjOmvAQj/THLK:RhIgeydQl4Jtyom3GjlIQO
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2