9d3263383d5e01fae72a7a54dd6cdc72954d426bf253ac3eaab09ca0edd4e710 | Triage

Sharing

General

Target

9d3263383d5e01fae72a7a54dd6cdc72954d426bf253ac3eaab09ca0edd4e710
Size

321KB
Sample

221003-rach3saba7
MD5

436230e12169baa1409256b04baccd0a
SHA1

3fc12cbc6a9d86459f34c496c19176c29cd47716
SHA256

9d3263383d5e01fae72a7a54dd6cdc72954d426bf253ac3eaab09ca0edd4e710
SHA512

44737125dbbedea17362095717765d73ccffed99934fd6a1aa1175a2131e2edda9ae695eb0c1660e9fb38d593f0c2fbe7c2e243f756ec37713ec7896382abecc
SSDEEP

6144:n/38eaNr4x2EwrICAwRpbLNjZTXDs+DY+6QrTakwsg90PtT:n/haNkwICAwDBjZ7maa6g90

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9d3263383d5e01fae72a7a54dd6cdc72954d426bf253ac3eaab09ca0edd4e710
- Size
  
  321KB
- MD5
  
  436230e12169baa1409256b04baccd0a
- SHA1
  
  3fc12cbc6a9d86459f34c496c19176c29cd47716
- SHA256
  
  9d3263383d5e01fae72a7a54dd6cdc72954d426bf253ac3eaab09ca0edd4e710
- SHA512
  
  44737125dbbedea17362095717765d73ccffed99934fd6a1aa1175a2131e2edda9ae695eb0c1660e9fb38d593f0c2fbe7c2e243f756ec37713ec7896382abecc
- SSDEEP
  
  6144:n/38eaNr4x2EwrICAwRpbLNjZTXDs+DY+6QrTakwsg90PtT:n/haNkwICAwDBjZ7maa6g90
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2