b97eb562028db9210d8824abbf94385bd8508b578f4089a1a64456aa5d1699db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b97eb562028db9210d8824abbf94385bd8508b578f4089a1a64456aa5d1699db
Size

781KB
Sample

221026-29xy6shham
MD5

2411f470cc02f7a75f6ab5c56ec22349
SHA1

ce2687e943f1cb950772e5e41e5ca3d98d86004a
SHA256

b97eb562028db9210d8824abbf94385bd8508b578f4089a1a64456aa5d1699db
SHA512

0eead231dd0b7fd86f5b10a3243e8e8cf3f67f4e63675b82f69e48201c60a4d5dce59c5228f7225dbd4ef2bf3c984322748f8774944920e5e456a02d66e16574
SSDEEP

12288:M0o48KUYljsaNlVUXeArHyedkoZr30kLshAAwGRvfFxukBv5riWKU+o2M:M/GUclVUpSe9ZbHLsj7x5qGz

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  b97eb562028db9210d8824abbf94385bd8508b578f4089a1a64456aa5d1699db
- Size
  
  781KB
- MD5
  
  2411f470cc02f7a75f6ab5c56ec22349
- SHA1
  
  ce2687e943f1cb950772e5e41e5ca3d98d86004a
- SHA256
  
  b97eb562028db9210d8824abbf94385bd8508b578f4089a1a64456aa5d1699db
- SHA512
  
  0eead231dd0b7fd86f5b10a3243e8e8cf3f67f4e63675b82f69e48201c60a4d5dce59c5228f7225dbd4ef2bf3c984322748f8774944920e5e456a02d66e16574
- SSDEEP
  
  12288:M0o48KUYljsaNlVUXeArHyedkoZr30kLshAAwGRvfFxukBv5riWKU+o2M:M/GUclVUpSe9ZbHLsj7x5qGz
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1