abc8102ed11d120f9797457ea1066d62ceda8440ae8582f0255252661ca6287b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abc8102ed11d120f9797457ea1066d62ceda8440ae8582f0255252661ca6287b
Size

264KB
Sample

221011-sapn3saff7
MD5

f7e85a61ce697299223fed18c428e6f0
SHA1

7936563709db9f68251735409a1d40a7cb188a80
SHA256

abc8102ed11d120f9797457ea1066d62ceda8440ae8582f0255252661ca6287b
SHA512

d99e5722461969cda9659b57a6016f2a6e297f48f8500a9e98f95238ee01fd989daaa5b5fe4255bea2c6af7315792f609dcc3581ccd845620ed1ee259c2d1a73
SSDEEP

6144:O9w8T9c1lBzcMZF7bwwBGY4EheDBxe8E:Mi1lB9F70wH4Mebe8

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  abc8102ed11d120f9797457ea1066d62ceda8440ae8582f0255252661ca6287b
- Size
  
  264KB
- MD5
  
  f7e85a61ce697299223fed18c428e6f0
- SHA1
  
  7936563709db9f68251735409a1d40a7cb188a80
- SHA256
  
  abc8102ed11d120f9797457ea1066d62ceda8440ae8582f0255252661ca6287b
- SHA512
  
  d99e5722461969cda9659b57a6016f2a6e297f48f8500a9e98f95238ee01fd989daaa5b5fe4255bea2c6af7315792f609dcc3581ccd845620ed1ee259c2d1a73
- SSDEEP
  
  6144:O9w8T9c1lBzcMZF7bwwBGY4EheDBxe8E:Mi1lB9F70wH4Mebe8
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2