4993d15ee04142d0cf9afd04dd4c31f50120d18859704106419ac53505eb9409 | Triage

Sharing

General

Target

4993d15ee04142d0cf9afd04dd4c31f50120d18859704106419ac53505eb9409
Size

205KB
Sample

221004-d1j4ysagd6
MD5

6a5572abe94615a7145dead4c24ae750
SHA1

208029b6619b2d2072db72a7708e2b436945afd7
SHA256

4993d15ee04142d0cf9afd04dd4c31f50120d18859704106419ac53505eb9409
SHA512

3c96e38532cf71749bf79c9c3a63dc0322a779d8f1e69c140c79108feb6bc350a44d193a9ac0d54012768387640550d6351f68fb3ccc0e4aafe14f9beeb5218a
SSDEEP

3072:7S8BCfoDaXJNMR9vuudUmU/A9pkh5Ost9/Bw2u/v9lVa6pKrSC8gq/Qfdx34o+uF:7PB6ERpLdX8JLwtm6QrzciXv

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4993d15ee04142d0cf9afd04dd4c31f50120d18859704106419ac53505eb9409
- Size
  
  205KB
- MD5
  
  6a5572abe94615a7145dead4c24ae750
- SHA1
  
  208029b6619b2d2072db72a7708e2b436945afd7
- SHA256
  
  4993d15ee04142d0cf9afd04dd4c31f50120d18859704106419ac53505eb9409
- SHA512
  
  3c96e38532cf71749bf79c9c3a63dc0322a779d8f1e69c140c79108feb6bc350a44d193a9ac0d54012768387640550d6351f68fb3ccc0e4aafe14f9beeb5218a
- SSDEEP
  
  3072:7S8BCfoDaXJNMR9vuudUmU/A9pkh5Ost9/Bw2u/v9lVa6pKrSC8gq/Qfdx34o+uF:7PB6ERpLdX8JLwtm6QrzciXv
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2