5d18fb647141366d19546e9eb405508e4d8f4a471d257860fd550fb0001cb12c | Triage

Sharing

General

Target

5d18fb647141366d19546e9eb405508e4d8f4a471d257860fd550fb0001cb12c
Size

310KB
Sample

221012-w6723sfeb7
MD5

6355f22169b529201806a061a18c4310
SHA1

7c371aacc8711c7e5a2debf8a5d68376a016cfe6
SHA256

5d18fb647141366d19546e9eb405508e4d8f4a471d257860fd550fb0001cb12c
SHA512

b0019b5f83fedd166852273985ed0ac30408de929078356ff2554bcb9de3187fb86ede2eaa01ec184be3dd611d3eddf8f0c78c6db7f74dc5e8015b14b5928dbb
SSDEEP

6144:TI2FAHad+EXCJrBo8VeD9pTgdqx62EvfwM86f7gE9Xh5TsnRgrL0:TI2FmYOBo8VepeFNb86f735Tq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5d18fb647141366d19546e9eb405508e4d8f4a471d257860fd550fb0001cb12c
- Size
  
  310KB
- MD5
  
  6355f22169b529201806a061a18c4310
- SHA1
  
  7c371aacc8711c7e5a2debf8a5d68376a016cfe6
- SHA256
  
  5d18fb647141366d19546e9eb405508e4d8f4a471d257860fd550fb0001cb12c
- SHA512
  
  b0019b5f83fedd166852273985ed0ac30408de929078356ff2554bcb9de3187fb86ede2eaa01ec184be3dd611d3eddf8f0c78c6db7f74dc5e8015b14b5928dbb
- SSDEEP
  
  6144:TI2FAHad+EXCJrBo8VeD9pTgdqx62EvfwM86f7gE9Xh5TsnRgrL0:TI2FmYOBo8VepeFNb86f735Tq
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2