544f17d5a4deb0f457688fd22719c2d62ab4abe2816f9cff43513d129669f87b | Triage

Sharing

General

Target

544f17d5a4deb0f457688fd22719c2d62ab4abe2816f9cff43513d129669f87b
Size

293KB
Sample

221020-y2c29adbd5
MD5

96adad74e1fdecc3b05a6df043f980e0
SHA1

9327c8d98d05347ef890e72be1565cf2150bc102
SHA256

544f17d5a4deb0f457688fd22719c2d62ab4abe2816f9cff43513d129669f87b
SHA512

84b7e5f644702e8f0bfcc78124d660b4e0d6315636dae8399969b04e1b62b983fc78544bd6e2e8f86925949ebb03260ca1da056fafced9dbc13a474f5679c17f
SSDEEP

6144:GA39bnyI5zYFCfFWT2kuSKhjw1QrSyWft1U36xYGhtbUKy21owJv:GC9b3YFCm2kubjjrSFfVOGh9Uc1owJ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  544f17d5a4deb0f457688fd22719c2d62ab4abe2816f9cff43513d129669f87b
- Size
  
  293KB
- MD5
  
  96adad74e1fdecc3b05a6df043f980e0
- SHA1
  
  9327c8d98d05347ef890e72be1565cf2150bc102
- SHA256
  
  544f17d5a4deb0f457688fd22719c2d62ab4abe2816f9cff43513d129669f87b
- SHA512
  
  84b7e5f644702e8f0bfcc78124d660b4e0d6315636dae8399969b04e1b62b983fc78544bd6e2e8f86925949ebb03260ca1da056fafced9dbc13a474f5679c17f
- SSDEEP
  
  6144:GA39bnyI5zYFCfFWT2kuSKhjw1QrSyWft1U36xYGhtbUKy21owJv:GC9b3YFCm2kubjjrSFfVOGh9Uc1owJ
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2