b8064ddfd6a867c142ca8755278bb894fcd9f571d42d668d5d80191878f10cf8 | Triage

Sharing

General

Target

b8064ddfd6a867c142ca8755278bb894fcd9f571d42d668d5d80191878f10cf8
Size

3.7MB
Sample

221029-ledztabdgq
MD5

c8c8367e68ccde94a04e002dbc3c2829
SHA1

c29b47b522b65bb50262edb3ed291cb7c2287c62
SHA256

b8064ddfd6a867c142ca8755278bb894fcd9f571d42d668d5d80191878f10cf8
SHA512

5d3ab9300781cf6e89e5537de44201089f5a57e0ba78e62f5a9a66a542c95f9680fe521dc07ee577058244a350da6d4ba94200e219e1ce851850cf1015135184
SSDEEP

49152:8Vg5tQ7a5Ws55uppok2BuFnDaI9ESdsZdyv1t3ERmEZZKdn31vRwGl0A7t9:Gg5641mppkBuRDblsa/0vjc31pR9

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  b8064ddfd6a867c142ca8755278bb894fcd9f571d42d668d5d80191878f10cf8
- Size
  
  3.7MB
- MD5
  
  c8c8367e68ccde94a04e002dbc3c2829
- SHA1
  
  c29b47b522b65bb50262edb3ed291cb7c2287c62
- SHA256
  
  b8064ddfd6a867c142ca8755278bb894fcd9f571d42d668d5d80191878f10cf8
- SHA512
  
  5d3ab9300781cf6e89e5537de44201089f5a57e0ba78e62f5a9a66a542c95f9680fe521dc07ee577058244a350da6d4ba94200e219e1ce851850cf1015135184
- SSDEEP
  
  49152:8Vg5tQ7a5Ws55uppok2BuFnDaI9ESdsZdyv1t3ERmEZZKdn31vRwGl0A7t9:Gg5641mppkBuRDblsa/0vjc31pR9
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2