20946cafe4c2b4462948fed6999067a1907ba32f339831220f4babfa61daaec9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20946cafe4c2b4462948fed6999067a1907ba32f339831220f4babfa61daaec9
Size

176KB
Sample

221026-2y2szshgck
MD5

020a0a1269da8b829b609976ab077cbe
SHA1

0e65d3fc6fa073ba8ef8a24551467c3118e94d22
SHA256

20946cafe4c2b4462948fed6999067a1907ba32f339831220f4babfa61daaec9
SHA512

d879eb03aa2a5ffb5d2c8eca4031b2600e98e1f5f118d5d004fe7e1830ec957b8a723636e734b8bb57f574e97c2c9150e897137d2b09724df4eb45fce1743e3a
SSDEEP

3072:DKMH0mI+AMEJRMk1zcXnhuS97RkwxmOhk3FwYgAZJltR3i0r36wQZQH52ryhze:D9HUzNJlUhdCw00jYpg+/QZERQ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  20946cafe4c2b4462948fed6999067a1907ba32f339831220f4babfa61daaec9
- Size
  
  176KB
- MD5
  
  020a0a1269da8b829b609976ab077cbe
- SHA1
  
  0e65d3fc6fa073ba8ef8a24551467c3118e94d22
- SHA256
  
  20946cafe4c2b4462948fed6999067a1907ba32f339831220f4babfa61daaec9
- SHA512
  
  d879eb03aa2a5ffb5d2c8eca4031b2600e98e1f5f118d5d004fe7e1830ec957b8a723636e734b8bb57f574e97c2c9150e897137d2b09724df4eb45fce1743e3a
- SSDEEP
  
  3072:DKMH0mI+AMEJRMk1zcXnhuS97RkwxmOhk3FwYgAZJltR3i0r36wQZQH52ryhze:D9HUzNJlUhdCw00jYpg+/QZERQ
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2