8f754e2bfa013020f14d498b5ade5c139163e31dae1ec34975381efeff30f2e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f754e2bfa013020f14d498b5ade5c139163e31dae1ec34975381efeff30f2e3
Size

916KB
Sample

221104-ha293aedhj
MD5

b47421708ca3dad05508493e66f6f457
SHA1

420495653d5b6d97060afccf189795ffad4bc2dd
SHA256

8f754e2bfa013020f14d498b5ade5c139163e31dae1ec34975381efeff30f2e3
SHA512

4384c4216254878e9f19f2eaa78c3e80a39ed395e422794ba5a28c7fa2974d0b232e30298053bbe1332187e19095fcd0fef1d2c1122084c07712eac906cbd4db
SSDEEP

12288:gzclM+UH05tInZvocVvn303vn6VTWYL0p0v/cQI1TqNH1vDx4VUKG/DmxKzRVIEp:gl/4OnNoUveeTdASvtIm1K9G/Dw4d

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8f754e2bfa013020f14d498b5ade5c139163e31dae1ec34975381efeff30f2e3
- Size
  
  916KB
- MD5
  
  b47421708ca3dad05508493e66f6f457
- SHA1
  
  420495653d5b6d97060afccf189795ffad4bc2dd
- SHA256
  
  8f754e2bfa013020f14d498b5ade5c139163e31dae1ec34975381efeff30f2e3
- SHA512
  
  4384c4216254878e9f19f2eaa78c3e80a39ed395e422794ba5a28c7fa2974d0b232e30298053bbe1332187e19095fcd0fef1d2c1122084c07712eac906cbd4db
- SSDEEP
  
  12288:gzclM+UH05tInZvocVvn303vn6VTWYL0p0v/cQI1TqNH1vDx4VUKG/DmxKzRVIEp:gl/4OnNoUveeTdASvtIm1K9G/Dw4d
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Process Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1