c05786950e98389602621418e49718c76aacfd4e6dba0f313ba241cdaadf4fed | Triage

Sharing

General

Target

c05786950e98389602621418e49718c76aacfd4e6dba0f313ba241cdaadf4fed
Size

310KB
Sample

221030-pa7m4saah3
MD5

a30f2c81df70be83d0d55bc82112dc00
SHA1

e977a5eec190b67efae9a98d2f0a34affa2de1bd
SHA256

c05786950e98389602621418e49718c76aacfd4e6dba0f313ba241cdaadf4fed
SHA512

3805ce02f9a574d902d1e400e27139b5842b35fafa17a9179b0c86ce5d5a8a63c6c14c43ae387ad37fa685ddba4c1eaebbab70134cb4ae3277d6ee6884d508ff
SSDEEP

6144:m4gmYsNiApqa2VEcb9a6dYTuFIpxVVv8ZsmHRzlN:m49FNtqaQV9GuFehGB

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c05786950e98389602621418e49718c76aacfd4e6dba0f313ba241cdaadf4fed
- Size
  
  310KB
- MD5
  
  a30f2c81df70be83d0d55bc82112dc00
- SHA1
  
  e977a5eec190b67efae9a98d2f0a34affa2de1bd
- SHA256
  
  c05786950e98389602621418e49718c76aacfd4e6dba0f313ba241cdaadf4fed
- SHA512
  
  3805ce02f9a574d902d1e400e27139b5842b35fafa17a9179b0c86ce5d5a8a63c6c14c43ae387ad37fa685ddba4c1eaebbab70134cb4ae3277d6ee6884d508ff
- SSDEEP
  
  6144:m4gmYsNiApqa2VEcb9a6dYTuFIpxVVv8ZsmHRzlN:m49FNtqaQV9GuFehGB
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2