fd09c5d86630a2ba9fd423cf4d54463029a3825df432771c04fa5d8f8b005901 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd09c5d86630a2ba9fd423cf4d54463029a3825df432771c04fa5d8f8b005901
Size

122KB
Sample

221011-gy4blahhfj
MD5

5d50bfe6624b199c654c789c0b72d9a9
SHA1

913ad68bc6076189a5cc37ff08cb5353d7e89e8b
SHA256

fd09c5d86630a2ba9fd423cf4d54463029a3825df432771c04fa5d8f8b005901
SHA512

099eef3e474c0ba8f8a4170084a3a09791341311e71fbe40d0e911e3511840d870b28a4115721efef0c5c40dddf0999ccb6ccb4b95399b3044dbd5968e6c578e
SSDEEP

1536:rzCD/Ftkipjh83tgpTo5aZ/KbxkWLndmOsIa9j++Zq/jXY0UqMim:IhKtgpM5O/KbdndmOh6UXY0Urr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fd09c5d86630a2ba9fd423cf4d54463029a3825df432771c04fa5d8f8b005901
- Size
  
  122KB
- MD5
  
  5d50bfe6624b199c654c789c0b72d9a9
- SHA1
  
  913ad68bc6076189a5cc37ff08cb5353d7e89e8b
- SHA256
  
  fd09c5d86630a2ba9fd423cf4d54463029a3825df432771c04fa5d8f8b005901
- SHA512
  
  099eef3e474c0ba8f8a4170084a3a09791341311e71fbe40d0e911e3511840d870b28a4115721efef0c5c40dddf0999ccb6ccb4b95399b3044dbd5968e6c578e
- SSDEEP
  
  1536:rzCD/Ftkipjh83tgpTo5aZ/KbxkWLndmOsIa9j++Zq/jXY0UqMim:IhKtgpM5O/KbdndmOh6UXY0Urr
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2