862b6e7fba1a8f9ff99ce9e3e1bb917cd102a618c62e2fbcbb93d363e7d4d18a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

862b6e7fba1a8f9ff99ce9e3e1bb917cd102a618c62e2fbcbb93d363e7d4d18a
Size

132KB
Sample

221019-2aznqabae5
MD5

917067692a2ede11a88ad5ca3480644d
SHA1

158d93977fa4a2a28cebf6ba149d8015a7eeb6db
SHA256

862b6e7fba1a8f9ff99ce9e3e1bb917cd102a618c62e2fbcbb93d363e7d4d18a
SHA512

0370ee6184e9506bb21a6c1c25647554f468791615975f1b2ab92caf49c44ed9890722e403d927b55795a7a596a271e9d461c61cb8df8a73a2967313dc474b3d
SSDEEP

1536:w5iBob+w76Mj+wpw7/BUctSqIOevWFODz8OKh1YjNvDaPLABapUL0AGeujS97VqT:EbDi5UctznIHnK8ZLo7UYAGW9o

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  862b6e7fba1a8f9ff99ce9e3e1bb917cd102a618c62e2fbcbb93d363e7d4d18a
- Size
  
  132KB
- MD5
  
  917067692a2ede11a88ad5ca3480644d
- SHA1
  
  158d93977fa4a2a28cebf6ba149d8015a7eeb6db
- SHA256
  
  862b6e7fba1a8f9ff99ce9e3e1bb917cd102a618c62e2fbcbb93d363e7d4d18a
- SHA512
  
  0370ee6184e9506bb21a6c1c25647554f468791615975f1b2ab92caf49c44ed9890722e403d927b55795a7a596a271e9d461c61cb8df8a73a2967313dc474b3d
- SSDEEP
  
  1536:w5iBob+w76Mj+wpw7/BUctSqIOevWFODz8OKh1YjNvDaPLABapUL0AGeujS97VqT:EbDi5UctznIHnK8ZLo7UYAGW9o
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2