e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4
Size

355KB
Sample

221020-x2ncjsbbbp
MD5

96a0fd555171c326b6a8b1f1848ba2d0
SHA1

26d30e1dda4224baa7835a3e3e06cb022ecb350f
SHA256

e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4
SHA512

beb0d889fc9052614a9d87b2b15be51814142157499e055f9abc3adf13720dc1ca9c398fe15f95d98c6f961794c0b4658398d861159ffc8eb77ace5b03c8c831
SSDEEP

6144:hkHGtCNBlRqTDxpUMgZZdUytUTNotV//0C2F/RZ5sG82zp2LhfbMXifzPIP1AI:UvlRqTDxpUMgndcytF//2F/RZ5820LtQ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4
- Size
  
  355KB
- MD5
  
  96a0fd555171c326b6a8b1f1848ba2d0
- SHA1
  
  26d30e1dda4224baa7835a3e3e06cb022ecb350f
- SHA256
  
  e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4
- SHA512
  
  beb0d889fc9052614a9d87b2b15be51814142157499e055f9abc3adf13720dc1ca9c398fe15f95d98c6f961794c0b4658398d861159ffc8eb77ace5b03c8c831
- SSDEEP
  
  6144:hkHGtCNBlRqTDxpUMgZZdUytUTNotV//0C2F/RZ5sG82zp2LhfbMXifzPIP1AI:UvlRqTDxpUMgndcytF//2F/RZ5820LtQ
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2