b6e5edb2596e4868290bd5f92bc31a61865a9041ae639b6589e6050d7fee167c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6e5edb2596e4868290bd5f92bc31a61865a9041ae639b6589e6050d7fee167c
Size

120KB
Sample

221020-bmbjjsgcb9
MD5

90fe3e38c50e3912c3126cb0c8aeebd0
SHA1

e6ee392d509cba21f1c84b4003ad4801a472cf68
SHA256

b6e5edb2596e4868290bd5f92bc31a61865a9041ae639b6589e6050d7fee167c
SHA512

ef663a7a4aeac490679f4c61ac37698ce477b94f9637d0c0fa246f9c92aebebe23d77d0e80f4b8340a2c3049c2689ae3a4f98d140ae8478c7ce5eb72dabd7cee
SSDEEP

1536:mvy50tV44aqwoa9ujdbNyVXa1lgNdaOCt1kTW/m:mtWZqwoa9Xa1Idart19O

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b6e5edb2596e4868290bd5f92bc31a61865a9041ae639b6589e6050d7fee167c
- Size
  
  120KB
- MD5
  
  90fe3e38c50e3912c3126cb0c8aeebd0
- SHA1
  
  e6ee392d509cba21f1c84b4003ad4801a472cf68
- SHA256
  
  b6e5edb2596e4868290bd5f92bc31a61865a9041ae639b6589e6050d7fee167c
- SHA512
  
  ef663a7a4aeac490679f4c61ac37698ce477b94f9637d0c0fa246f9c92aebebe23d77d0e80f4b8340a2c3049c2689ae3a4f98d140ae8478c7ce5eb72dabd7cee
- SSDEEP
  
  1536:mvy50tV44aqwoa9ujdbNyVXa1lgNdaOCt1kTW/m:mtWZqwoa9Xa1Idart19O
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2