6503650e5cc175def27a719cf5617c9c9381a073ee3f884fe7ed70248fb8e616 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6503650e5cc175def27a719cf5617c9c9381a073ee3f884fe7ed70248fb8e616
Size

128KB
Sample

221030-p4t9wabdf5
MD5

83bb88816fdccfc0bcf8214a8dca145f
SHA1

62aab240e1bbd7c4ecbd1187d04bc3a61b530471
SHA256

6503650e5cc175def27a719cf5617c9c9381a073ee3f884fe7ed70248fb8e616
SHA512

39e34984f0dfb3f17e451a984bdcfb943963ce53f27966410692880bf6b643e4708e3306f7c2447b865cb534c01c7bfad0484b4d5397f2068cca34d0099e5b22
SSDEEP

3072:8DEBVFdfA6fDSJWcnn2yzd7CnZ3LjCAiFwN:1do6+oI2gYN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6503650e5cc175def27a719cf5617c9c9381a073ee3f884fe7ed70248fb8e616
- Size
  
  128KB
- MD5
  
  83bb88816fdccfc0bcf8214a8dca145f
- SHA1
  
  62aab240e1bbd7c4ecbd1187d04bc3a61b530471
- SHA256
  
  6503650e5cc175def27a719cf5617c9c9381a073ee3f884fe7ed70248fb8e616
- SHA512
  
  39e34984f0dfb3f17e451a984bdcfb943963ce53f27966410692880bf6b643e4708e3306f7c2447b865cb534c01c7bfad0484b4d5397f2068cca34d0099e5b22
- SSDEEP
  
  3072:8DEBVFdfA6fDSJWcnn2yzd7CnZ3LjCAiFwN:1do6+oI2gYN
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2