8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d | Triage

Sharing

General

Target

8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d
Size

293KB
Sample

221030-pr8azaagh5
MD5

a30cd5bfa26fd51fbc19699d68f0b280
SHA1

a50ac31e2ae8fe381ad9ed421996b79110ab4c79
SHA256

8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d
SHA512

4d2e7af751eb6bf2c45edfe555ae64b4940adb2a0aa57e7c4dd9d8bd4f738af321d567cc285f5ef74d8c5278d7130cb9b714f8052ce8b7a0a08b119c6435101e
SSDEEP

6144:yInnexrhHJpdrRAYtU7ZDA8SltgcZWa9ByqFQ2VYhUq:NeFTrRAYtU7ZDA8SWa9U17Uq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d
- Size
  
  293KB
- MD5
  
  a30cd5bfa26fd51fbc19699d68f0b280
- SHA1
  
  a50ac31e2ae8fe381ad9ed421996b79110ab4c79
- SHA256
  
  8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d
- SHA512
  
  4d2e7af751eb6bf2c45edfe555ae64b4940adb2a0aa57e7c4dd9d8bd4f738af321d567cc285f5ef74d8c5278d7130cb9b714f8052ce8b7a0a08b119c6435101e
- SSDEEP
  
  6144:yInnexrhHJpdrRAYtU7ZDA8SltgcZWa9ByqFQ2VYhUq:NeFTrRAYtU7ZDA8SWa9U17Uq
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2