abe331ea92d1364501e5aa4f76bf20379c6eb3325e167e52b86194d2d71f2203 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abe331ea92d1364501e5aa4f76bf20379c6eb3325e167e52b86194d2d71f2203
Size

128KB
Sample

221003-hxp81sebbk
MD5

4ec125b41e54d3c7ccc4fd27505c1b81
SHA1

699744dc12164fbe81c0787b9c51772e3877d854
SHA256

abe331ea92d1364501e5aa4f76bf20379c6eb3325e167e52b86194d2d71f2203
SHA512

c3d0be2dc2b1403e5ce0674186aa91fa23ea97c3e031d6daddc8c60321fd9081c03373755ecb6620a1d34b853543d97c8d074b941dc55a2afdf284f429f4f2f8
SSDEEP

1536:zFldNN/8+LC7GemzxeZTYgxg5BjJ8vB7j+2nl4NGCzFbwJ4Xj6aZapk:J1N/RoGemleJGBjJ8lTl4NGCGiGk

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  abe331ea92d1364501e5aa4f76bf20379c6eb3325e167e52b86194d2d71f2203
- Size
  
  128KB
- MD5
  
  4ec125b41e54d3c7ccc4fd27505c1b81
- SHA1
  
  699744dc12164fbe81c0787b9c51772e3877d854
- SHA256
  
  abe331ea92d1364501e5aa4f76bf20379c6eb3325e167e52b86194d2d71f2203
- SHA512
  
  c3d0be2dc2b1403e5ce0674186aa91fa23ea97c3e031d6daddc8c60321fd9081c03373755ecb6620a1d34b853543d97c8d074b941dc55a2afdf284f429f4f2f8
- SSDEEP
  
  1536:zFldNN/8+LC7GemzxeZTYgxg5BjJ8vB7j+2nl4NGCzFbwJ4Xj6aZapk:J1N/RoGemleJGBjJ8lTl4NGCGiGk
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2