a49f4356f0bd0114da3a2acc83dcb81d7973a252321f80b373445f5864d54c32 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a49f4356f0bd0114da3a2acc83dcb81d7973a252321f80b373445f5864d54c32
Size

333KB
Sample

221019-s67vjaefbl
MD5

908948fc6d622c80f3dcda8fa0c70ab0
SHA1

04ea92fd20e49f04e277113543f2595bafe06f11
SHA256

a49f4356f0bd0114da3a2acc83dcb81d7973a252321f80b373445f5864d54c32
SHA512

58c794be6b67f365d80058623d56510674dd27d0d036cf2a45dbaf16f5f42c0d765ec1d83d9049acc2bc08d96edcb195940fc513fb684076979e53b397c0fc2a
SSDEEP

6144:9xF74x5b59oicM83lIPUdJ4+n+IW+xdY2DDQdsiyfxPh4eUT/1XPGL1qm2v527Qn:qx519otM83Nx+IZTbD7iy5kThGLY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a49f4356f0bd0114da3a2acc83dcb81d7973a252321f80b373445f5864d54c32
- Size
  
  333KB
- MD5
  
  908948fc6d622c80f3dcda8fa0c70ab0
- SHA1
  
  04ea92fd20e49f04e277113543f2595bafe06f11
- SHA256
  
  a49f4356f0bd0114da3a2acc83dcb81d7973a252321f80b373445f5864d54c32
- SHA512
  
  58c794be6b67f365d80058623d56510674dd27d0d036cf2a45dbaf16f5f42c0d765ec1d83d9049acc2bc08d96edcb195940fc513fb684076979e53b397c0fc2a
- SSDEEP
  
  6144:9xF74x5b59oicM83lIPUdJ4+n+IW+xdY2DDQdsiyfxPh4eUT/1XPGL1qm2v527Qn:qx519otM83Nx+IZTbD7iy5kThGLY
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2