6faa41765a7a72c7df7f3ab287938e906fc61b2dd60882cd59e92f995cb0f771 | Triage

Sharing

General

Target

6faa41765a7a72c7df7f3ab287938e906fc61b2dd60882cd59e92f995cb0f771
Size

307KB
Sample

221011-wtj5gshagl
MD5

2e4ae4d7662e8ab4d81beea58f3d81de
SHA1

fffe46c808034474c4b4b3363e36959a0a8b2099
SHA256

6faa41765a7a72c7df7f3ab287938e906fc61b2dd60882cd59e92f995cb0f771
SHA512

bab8846d96afc2dc214ae39ebeaae65cd4dbb9f6b63114617bec1309c14e441eadcf2bfc172466528f436ec08f8b99f755b435ad80191e9cf167f07651a9eeb6
SSDEEP

6144:74vCe0M3fQnSmjtbcHCWOP+CbsQMdf4g28DImvtvJaeOyN:7JeSnRVcxaVWh4LmlhpOyN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6faa41765a7a72c7df7f3ab287938e906fc61b2dd60882cd59e92f995cb0f771
- Size
  
  307KB
- MD5
  
  2e4ae4d7662e8ab4d81beea58f3d81de
- SHA1
  
  fffe46c808034474c4b4b3363e36959a0a8b2099
- SHA256
  
  6faa41765a7a72c7df7f3ab287938e906fc61b2dd60882cd59e92f995cb0f771
- SHA512
  
  bab8846d96afc2dc214ae39ebeaae65cd4dbb9f6b63114617bec1309c14e441eadcf2bfc172466528f436ec08f8b99f755b435ad80191e9cf167f07651a9eeb6
- SSDEEP
  
  6144:74vCe0M3fQnSmjtbcHCWOP+CbsQMdf4g28DImvtvJaeOyN:7JeSnRVcxaVWh4LmlhpOyN
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2