a3a54be8ef5cc96c2efaac4fc52bf840a1ed7817f66a3298789d0d3eba5f473a | Triage

Sharing

General

Target

a3a54be8ef5cc96c2efaac4fc52bf840a1ed7817f66a3298789d0d3eba5f473a
Size

370KB
Sample

221029-15hg9ahda6
MD5

58515cbc17bde370025a73a9a7678680
SHA1

1dbfa507da3c3cf580965e7f577c3cc13621cacc
SHA256

a3a54be8ef5cc96c2efaac4fc52bf840a1ed7817f66a3298789d0d3eba5f473a
SHA512

ee73b777055fc22a30511615f29d1e09b799aa5f94eb381dfb151482e027ee84685e520f30f03be3bf4598f5210e6dfb928c5fe769181c9c1794569f048710dc
SSDEEP

6144:PjLXY+jLMlDXcAC7YS325GB6Y2l/hQGoEv:PfYGLMhIkVzf

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a3a54be8ef5cc96c2efaac4fc52bf840a1ed7817f66a3298789d0d3eba5f473a
- Size
  
  370KB
- MD5
  
  58515cbc17bde370025a73a9a7678680
- SHA1
  
  1dbfa507da3c3cf580965e7f577c3cc13621cacc
- SHA256
  
  a3a54be8ef5cc96c2efaac4fc52bf840a1ed7817f66a3298789d0d3eba5f473a
- SHA512
  
  ee73b777055fc22a30511615f29d1e09b799aa5f94eb381dfb151482e027ee84685e520f30f03be3bf4598f5210e6dfb928c5fe769181c9c1794569f048710dc
- SSDEEP
  
  6144:PjLXY+jLMlDXcAC7YS325GB6Y2l/hQGoEv:PfYGLMhIkVzf
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2