e471d4552d7641f3ff1b82739d0117a7a44674153afae207882ee5d6b9249e3e | Triage

Sharing

General

Target

e471d4552d7641f3ff1b82739d0117a7a44674153afae207882ee5d6b9249e3e
Size

120KB
Sample

221020-x25a3abbdp
MD5

a00ff1e969bd14e156d2906ae11d2640
SHA1

75acf44a565302e1cacc79828ee826923504cf5f
SHA256

e471d4552d7641f3ff1b82739d0117a7a44674153afae207882ee5d6b9249e3e
SHA512

e363cf19f472716f4de1ca0bc7f75b4121f39b02a26c875d11099c483396fee1c0123447d129a8bf658dfb9243c99ba2bbe0a186d09b40884e320ff335b012bb
SSDEEP

1536:t96bx0D38opylZipii7LkoyXYTBgmqzgmvQxRjXrvXk8VPkvf98wO2z+gRqEpes:GO8opyl0ZspX0AgGQz/v0gir+k8s

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e471d4552d7641f3ff1b82739d0117a7a44674153afae207882ee5d6b9249e3e
- Size
  
  120KB
- MD5
  
  a00ff1e969bd14e156d2906ae11d2640
- SHA1
  
  75acf44a565302e1cacc79828ee826923504cf5f
- SHA256
  
  e471d4552d7641f3ff1b82739d0117a7a44674153afae207882ee5d6b9249e3e
- SHA512
  
  e363cf19f472716f4de1ca0bc7f75b4121f39b02a26c875d11099c483396fee1c0123447d129a8bf658dfb9243c99ba2bbe0a186d09b40884e320ff335b012bb
- SSDEEP
  
  1536:t96bx0D38opylZipii7LkoyXYTBgmqzgmvQxRjXrvXk8VPkvf98wO2z+gRqEpes:GO8opyl0ZspX0AgGQz/v0gir+k8s
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2