6c9d80521de98292ff5c53d7ae6ce0bb29d8814182a6c8adc8595b98e8833aad | Triage

Sharing

General

Target

6c9d80521de98292ff5c53d7ae6ce0bb29d8814182a6c8adc8595b98e8833aad
Size

124KB
Sample

221029-awmshadfg6
MD5

0cb31cf501e1d0cfe6e0a26df5525850
SHA1

75d6092570e384c7a0578f0bde286362eea32844
SHA256

6c9d80521de98292ff5c53d7ae6ce0bb29d8814182a6c8adc8595b98e8833aad
SHA512

d28934edd537f6ba4f562806f1a40eb90d754c2caa4974d772e8b4c79a728382133c3d5b13bdaf5f7401e4ad8b1f59faaf7589821d3b6e7b065a82bc1375c82a
SSDEEP

1536:vLBYbzcsgkNn4jnstTfIGsXbJyBnZuZ27ogIlt7TeNJOSA5mEY7X05uHaW34k5RZ:zLjnstTf9ZuZ2MgGwQ/2auHaFq4UvJ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6c9d80521de98292ff5c53d7ae6ce0bb29d8814182a6c8adc8595b98e8833aad
- Size
  
  124KB
- MD5
  
  0cb31cf501e1d0cfe6e0a26df5525850
- SHA1
  
  75d6092570e384c7a0578f0bde286362eea32844
- SHA256
  
  6c9d80521de98292ff5c53d7ae6ce0bb29d8814182a6c8adc8595b98e8833aad
- SHA512
  
  d28934edd537f6ba4f562806f1a40eb90d754c2caa4974d772e8b4c79a728382133c3d5b13bdaf5f7401e4ad8b1f59faaf7589821d3b6e7b065a82bc1375c82a
- SSDEEP
  
  1536:vLBYbzcsgkNn4jnstTfIGsXbJyBnZuZ27ogIlt7TeNJOSA5mEY7X05uHaW34k5RZ:zLjnstTf9ZuZ2MgGwQ/2auHaFq4UvJ
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2