37ed9221081d427e34fe13beb4d45f185830248a4066ec34ef89128a6bc7b9b3 | Triage

Sharing

General

Target

37ed9221081d427e34fe13beb4d45f185830248a4066ec34ef89128a6bc7b9b3
Size

138KB
Sample

221028-wcfqqsghc5
MD5

0bc459b144121f9e145809706d868dfb
SHA1

781235a49b081ab9a8db5bb4a8c702c7058df6f5
SHA256

37ed9221081d427e34fe13beb4d45f185830248a4066ec34ef89128a6bc7b9b3
SHA512

91037a2dc05588aeca72c9d0ebed4033cf09a516a57349a258f08d9351228d06d61f1cfe7083b40b2889a0e84c7f97b4f13c6077d3a44cdf1d283abbdc5c661a
SSDEEP

3072:/caqyte6cV77snHLLxtgyaXOqdPNbnhW4IxZx5kCZuubFrhU1wKKrONmX:/caBta77snHRrY7PNNW4IxZ7zbC0rONi

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  37ed9221081d427e34fe13beb4d45f185830248a4066ec34ef89128a6bc7b9b3
- Size
  
  138KB
- MD5
  
  0bc459b144121f9e145809706d868dfb
- SHA1
  
  781235a49b081ab9a8db5bb4a8c702c7058df6f5
- SHA256
  
  37ed9221081d427e34fe13beb4d45f185830248a4066ec34ef89128a6bc7b9b3
- SHA512
  
  91037a2dc05588aeca72c9d0ebed4033cf09a516a57349a258f08d9351228d06d61f1cfe7083b40b2889a0e84c7f97b4f13c6077d3a44cdf1d283abbdc5c661a
- SSDEEP
  
  3072:/caqyte6cV77snHLLxtgyaXOqdPNbnhW4IxZx5kCZuubFrhU1wKKrONmX:/caBta77snHRrY7PNNW4IxZ7zbC0rONi
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2