a0697564d3140853fa94a0df53cd50f070360934536166c68dae44a454186947 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0697564d3140853fa94a0df53cd50f070360934536166c68dae44a454186947
Size

136KB
Sample

221028-1xca9sheej
MD5

0e09b431e1d15d6847dae7c7f78a33b0
SHA1

ec3955bbb574766c3138fe8c57b2f52e4d28e246
SHA256

a0697564d3140853fa94a0df53cd50f070360934536166c68dae44a454186947
SHA512

221604768db6b3a966cfa9e21b5b5ab6aabab68163b6e94abd31392ee33aa8ec7e26f0c8af32cc652a732211d6342a25441a49845792075629804c7ac5d8266e
SSDEEP

1536:o1Rjr6PKT/wJNr0aCraUFMM40dE6N9gE1QetDwD7dcYKd:o1RjuW/sCWUF+0/9TQcDwD7dc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a0697564d3140853fa94a0df53cd50f070360934536166c68dae44a454186947
- Size
  
  136KB
- MD5
  
  0e09b431e1d15d6847dae7c7f78a33b0
- SHA1
  
  ec3955bbb574766c3138fe8c57b2f52e4d28e246
- SHA256
  
  a0697564d3140853fa94a0df53cd50f070360934536166c68dae44a454186947
- SHA512
  
  221604768db6b3a966cfa9e21b5b5ab6aabab68163b6e94abd31392ee33aa8ec7e26f0c8af32cc652a732211d6342a25441a49845792075629804c7ac5d8266e
- SSDEEP
  
  1536:o1Rjr6PKT/wJNr0aCraUFMM40dE6N9gE1QetDwD7dcYKd:o1RjuW/sCWUF+0/9TQcDwD7dc
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2