3340d72e8148f3d97095b5ab410a52f2495ad28470d8bbc110d3f49023daa693 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3340d72e8148f3d97095b5ab410a52f2495ad28470d8bbc110d3f49023daa693
Size

226KB
Sample

221003-r96k7sbhgp
MD5

57208ac3c5e6cce9b996a470af186f10
SHA1

7ad7d57ab1998fd8c20b92c395ba3d15fb16164d
SHA256

3340d72e8148f3d97095b5ab410a52f2495ad28470d8bbc110d3f49023daa693
SHA512

9c3f556f2f5266a37d00157b876a81728c8cffe64a5b5942fbdbdd83b6a8f6431fa8a901dd2ab7eae273da1a88714d74957f783d9361d087717988b034567740
SSDEEP

6144:dB9eRRUHESQVGcqTs4SYEcQnzpknvr4E6:dXeRRUrvTAlc6vE6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3340d72e8148f3d97095b5ab410a52f2495ad28470d8bbc110d3f49023daa693
- Size
  
  226KB
- MD5
  
  57208ac3c5e6cce9b996a470af186f10
- SHA1
  
  7ad7d57ab1998fd8c20b92c395ba3d15fb16164d
- SHA256
  
  3340d72e8148f3d97095b5ab410a52f2495ad28470d8bbc110d3f49023daa693
- SHA512
  
  9c3f556f2f5266a37d00157b876a81728c8cffe64a5b5942fbdbdd83b6a8f6431fa8a901dd2ab7eae273da1a88714d74957f783d9361d087717988b034567740
- SSDEEP
  
  6144:dB9eRRUHESQVGcqTs4SYEcQnzpknvr4E6:dXeRRUrvTAlc6vE6
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2