082edd051c8bd06c89ee92ff6447ea0723a31391b1eb1b2c8dcf95f0b33f8e04 | Triage

Sharing

General

Target

082edd051c8bd06c89ee92ff6447ea0723a31391b1eb1b2c8dcf95f0b33f8e04
Size

164KB
Sample

221030-qwgjgscff5
MD5

a30ad77348a53d2126bedb47df7a2de6
SHA1

e432d3460dde11734739cfcb9bc01f51990438b8
SHA256

082edd051c8bd06c89ee92ff6447ea0723a31391b1eb1b2c8dcf95f0b33f8e04
SHA512

baabdb39b024bdb5a71ef943b1f361907cb236e94eb84a2249b145fb2733616cb34e4ffd722f61cb3153ae3ac3517644bbe999702fadbca2ff5a78a81da170e6
SSDEEP

1536:gkWbhgW5o1oS4l1TfG8Umu3/IdsGmPIxl8F4L0a8fcqyLz21Qak6afX3kco7b:FW+1oS4l5OeuQdrmwvL8EqF

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  082edd051c8bd06c89ee92ff6447ea0723a31391b1eb1b2c8dcf95f0b33f8e04
- Size
  
  164KB
- MD5
  
  a30ad77348a53d2126bedb47df7a2de6
- SHA1
  
  e432d3460dde11734739cfcb9bc01f51990438b8
- SHA256
  
  082edd051c8bd06c89ee92ff6447ea0723a31391b1eb1b2c8dcf95f0b33f8e04
- SHA512
  
  baabdb39b024bdb5a71ef943b1f361907cb236e94eb84a2249b145fb2733616cb34e4ffd722f61cb3153ae3ac3517644bbe999702fadbca2ff5a78a81da170e6
- SSDEEP
  
  1536:gkWbhgW5o1oS4l1TfG8Umu3/IdsGmPIxl8F4L0a8fcqyLz21Qak6afX3kco7b:FW+1oS4l5OeuQdrmwvL8EqF
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2