f1a4df9568feadb23b63c862bc9bb8a779d1b15a81ef9938aeb383e6a0f47478 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1a4df9568feadb23b63c862bc9bb8a779d1b15a81ef9938aeb383e6a0f47478
Size

216KB
Sample

221020-11bh5sgfb4
MD5

7ae277ad33f1eda32a8c934615f9ae57
SHA1

8e1fe6f543a3e6fd66477c3aa0dbe9a230ef8f85
SHA256

f1a4df9568feadb23b63c862bc9bb8a779d1b15a81ef9938aeb383e6a0f47478
SHA512

45c6d5e2e2ee4e529e2f6362931a555206f11e32c3a4d30d2900f25365ee5cef3410f0b83d48e9c1fe05a1d1fb33cc50bf40784918073b7378123f76cca3e147
SSDEEP

3072:L7jVeHLXsnENPCcRDUN3PBneGHB/ThdFJpS5W7FQaum4GeMBpbVVDQ:2LXsnuKeoBXBbfF3V7GD8/b8

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f1a4df9568feadb23b63c862bc9bb8a779d1b15a81ef9938aeb383e6a0f47478
- Size
  
  216KB
- MD5
  
  7ae277ad33f1eda32a8c934615f9ae57
- SHA1
  
  8e1fe6f543a3e6fd66477c3aa0dbe9a230ef8f85
- SHA256
  
  f1a4df9568feadb23b63c862bc9bb8a779d1b15a81ef9938aeb383e6a0f47478
- SHA512
  
  45c6d5e2e2ee4e529e2f6362931a555206f11e32c3a4d30d2900f25365ee5cef3410f0b83d48e9c1fe05a1d1fb33cc50bf40784918073b7378123f76cca3e147
- SSDEEP
  
  3072:L7jVeHLXsnENPCcRDUN3PBneGHB/ThdFJpS5W7FQaum4GeMBpbVVDQ:2LXsnuKeoBXBbfF3V7GD8/b8
Score

8^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2