8103e34bccf94c1171907b88cb5a257d015e6a6a15ffe6b341c4fe8301ee60f6 | Triage

Sharing

General

Target

8103e34bccf94c1171907b88cb5a257d015e6a6a15ffe6b341c4fe8301ee60f6
Size

311KB
Sample

221030-pwd8pabad9
MD5

a3962bf2a21f34818449e04019363650
SHA1

f39694542a2074d66b271fcc12fd6195aba513a7
SHA256

8103e34bccf94c1171907b88cb5a257d015e6a6a15ffe6b341c4fe8301ee60f6
SHA512

53128eb391e59cadaa0105ec8cc665d5dea54874085a9f342803fd3927f7db1313b91b9c8013e8512d91e02d8db177d588f722c662edff5be69fc28f79701e95
SSDEEP

6144:e9YMRrQyO3CvUD0nV+10e+cDCRpuASljKWT8d8ctrIN3CW:OZa3w5eXORkjKWwamU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8103e34bccf94c1171907b88cb5a257d015e6a6a15ffe6b341c4fe8301ee60f6
- Size
  
  311KB
- MD5
  
  a3962bf2a21f34818449e04019363650
- SHA1
  
  f39694542a2074d66b271fcc12fd6195aba513a7
- SHA256
  
  8103e34bccf94c1171907b88cb5a257d015e6a6a15ffe6b341c4fe8301ee60f6
- SHA512
  
  53128eb391e59cadaa0105ec8cc665d5dea54874085a9f342803fd3927f7db1313b91b9c8013e8512d91e02d8db177d588f722c662edff5be69fc28f79701e95
- SSDEEP
  
  6144:e9YMRrQyO3CvUD0nV+10e+cDCRpuASljKWT8d8ctrIN3CW:OZa3w5eXORkjKWwamU
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2