74749e70f0096773ea69254556a8c56fe2c34b009b3e0f7ad73b5f4febf3c339 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74749e70f0096773ea69254556a8c56fe2c34b009b3e0f7ad73b5f4febf3c339
Size

31KB
Sample

221020-x2r1qsbcd7
MD5

47241e7ca45ef9d32b86b1ddbd1cc42b
SHA1

d11416d70157b4d2ae3b0abf41a3014687ccdfb8
SHA256

74749e70f0096773ea69254556a8c56fe2c34b009b3e0f7ad73b5f4febf3c339
SHA512

51e5bb941725f4ecb644683d3e7ed73d01d50b337cdc355974d068a1067ef88f06124949a3c2b0fe3c5006b0c12bc79dc6a0426b7fac73e83b559203b3de2800
SSDEEP

768:yW+cd4cMrouTR2X1gp9cyT1OKyMX77ZI:X/2M71gpOyxOKyMX77Z

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  74749e70f0096773ea69254556a8c56fe2c34b009b3e0f7ad73b5f4febf3c339
- Size
  
  31KB
- MD5
  
  47241e7ca45ef9d32b86b1ddbd1cc42b
- SHA1
  
  d11416d70157b4d2ae3b0abf41a3014687ccdfb8
- SHA256
  
  74749e70f0096773ea69254556a8c56fe2c34b009b3e0f7ad73b5f4febf3c339
- SHA512
  
  51e5bb941725f4ecb644683d3e7ed73d01d50b337cdc355974d068a1067ef88f06124949a3c2b0fe3c5006b0c12bc79dc6a0426b7fac73e83b559203b3de2800
- SSDEEP
  
  768:yW+cd4cMrouTR2X1gp9cyT1OKyMX77ZI:X/2M71gpOyxOKyMX77Z
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2