a11348c534e96ea43878d2887c3798522fcb8df85c2b7d79d4cce3e81c7eec03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a11348c534e96ea43878d2887c3798522fcb8df85c2b7d79d4cce3e81c7eec03
Size

432KB
Sample

221019-qgc8hshcb7
MD5

90a9fab1498eef6a2a3f27534d8ebb90
SHA1

a628d56823aecf9aefb49ac086726c0f4ac6e55b
SHA256

a11348c534e96ea43878d2887c3798522fcb8df85c2b7d79d4cce3e81c7eec03
SHA512

e2ef541e0b2db744c1cf2fb220a332f9dd14454a2b592557164e565e7fd793d638b73ac35b631415b5ea87b65dd72a265d301a45f91e3cf411633ea5a5b33625
SSDEEP

3072:aDmNHBYSJrAI95sQ2EAVhF1s6IAknAlNZHnvIl/ZRewB1B70OFdg:aDOJMIiQ2PXs6zkAlznvI9WwbT6

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  a11348c534e96ea43878d2887c3798522fcb8df85c2b7d79d4cce3e81c7eec03
- Size
  
  432KB
- MD5
  
  90a9fab1498eef6a2a3f27534d8ebb90
- SHA1
  
  a628d56823aecf9aefb49ac086726c0f4ac6e55b
- SHA256
  
  a11348c534e96ea43878d2887c3798522fcb8df85c2b7d79d4cce3e81c7eec03
- SHA512
  
  e2ef541e0b2db744c1cf2fb220a332f9dd14454a2b592557164e565e7fd793d638b73ac35b631415b5ea87b65dd72a265d301a45f91e3cf411633ea5a5b33625
- SSDEEP
  
  3072:aDmNHBYSJrAI95sQ2EAVhF1s6IAknAlNZHnvIl/ZRewB1B70OFdg:aDOJMIiQ2PXs6zkAlznvI9WwbT6
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2