bc260d96c78f958775ea9187fdce5f69410659da946b6da6b8e103a6f08af5ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc260d96c78f958775ea9187fdce5f69410659da946b6da6b8e103a6f08af5ed
Size

140KB
Sample

221029-agbfxsdedm
MD5

00444af648f768af2868d8985fc589d1
SHA1

54acaea8accd1c67900a1a8b5a29a9bb768d4075
SHA256

bc260d96c78f958775ea9187fdce5f69410659da946b6da6b8e103a6f08af5ed
SHA512

ccd4f5e63afa694756674537fb594bbb0b4199605822d634b71d8dfbb8ed4a54ccaaeb65fb813aa16c354f2a69ae9ac2c3ae573bcc6e9f724f8be40753c8b3d1
SSDEEP

3072:QWceId2ZroWP9XEdIJ4/+p6kzATcngTdIY8BkP38mOo6EwBjjSq:QWcFdwosXEd+4XkOdIvqP38mOozg

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bc260d96c78f958775ea9187fdce5f69410659da946b6da6b8e103a6f08af5ed
- Size
  
  140KB
- MD5
  
  00444af648f768af2868d8985fc589d1
- SHA1
  
  54acaea8accd1c67900a1a8b5a29a9bb768d4075
- SHA256
  
  bc260d96c78f958775ea9187fdce5f69410659da946b6da6b8e103a6f08af5ed
- SHA512
  
  ccd4f5e63afa694756674537fb594bbb0b4199605822d634b71d8dfbb8ed4a54ccaaeb65fb813aa16c354f2a69ae9ac2c3ae573bcc6e9f724f8be40753c8b3d1
- SSDEEP
  
  3072:QWceId2ZroWP9XEdIJ4/+p6kzATcngTdIY8BkP38mOo6EwBjjSq:QWcFdwosXEd+4XkOdIvqP38mOozg
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2