db3b9cea5593ffc9085bbebc5b8ed75dcec66efae2a128df7a510544f9d2c633 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db3b9cea5593ffc9085bbebc5b8ed75dcec66efae2a128df7a510544f9d2c633
Size

231KB
Sample

221030-vaevzsaeg2
MD5

81ac5d0f88c6e1c6b0f99c73e44ebaa6
SHA1

39efb348cbcf8b0073576a4b10a5fd9be61e6994
SHA256

db3b9cea5593ffc9085bbebc5b8ed75dcec66efae2a128df7a510544f9d2c633
SHA512

769302c1e234c0419a460713bd90384b7b60da434d7474fa535c9903cae6fdbff1cfa6985d81d142cdb6b71c8384d1837cb5375eef24404ce262601fb507f163
SSDEEP

6144:2MKQmyU9t8GzmC1MrvylCUI+0BeTvI3ljr7/pGDR50ZkYZadmclwOSwXoH2n:25Qmf8osQ0B3VH/DZHU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  db3b9cea5593ffc9085bbebc5b8ed75dcec66efae2a128df7a510544f9d2c633
- Size
  
  231KB
- MD5
  
  81ac5d0f88c6e1c6b0f99c73e44ebaa6
- SHA1
  
  39efb348cbcf8b0073576a4b10a5fd9be61e6994
- SHA256
  
  db3b9cea5593ffc9085bbebc5b8ed75dcec66efae2a128df7a510544f9d2c633
- SHA512
  
  769302c1e234c0419a460713bd90384b7b60da434d7474fa535c9903cae6fdbff1cfa6985d81d142cdb6b71c8384d1837cb5375eef24404ce262601fb507f163
- SSDEEP
  
  6144:2MKQmyU9t8GzmC1MrvylCUI+0BeTvI3ljr7/pGDR50ZkYZadmclwOSwXoH2n:25Qmf8osQ0B3VH/DZHU
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2