dfa5ce86f0b45fa508cdcf2db4664c3c620686da12535fccdc68daba96522466 | Triage

Sharing

General

Target

dfa5ce86f0b45fa508cdcf2db4664c3c620686da12535fccdc68daba96522466
Size

234KB
Sample

221106-hzpp9sbgdq
MD5

228e58f796e7835549f6e075e7a9da81
SHA1

7d5aff02a94c32dd860823efdbbf896049004351
SHA256

dfa5ce86f0b45fa508cdcf2db4664c3c620686da12535fccdc68daba96522466
SHA512

b53dee006a03f0245ef98b4681f70f13d478fc27079b106ddf44ff76c06bf3521bed226cc4129c5f8c306af283908625048b62ab1ab68eb81e69531d90375927
SSDEEP

6144:yEK6XbRw6rXobqBoCygkSKyF1h+8T+nLcCG://XbS6piCwSKsCY9

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dfa5ce86f0b45fa508cdcf2db4664c3c620686da12535fccdc68daba96522466
- Size
  
  234KB
- MD5
  
  228e58f796e7835549f6e075e7a9da81
- SHA1
  
  7d5aff02a94c32dd860823efdbbf896049004351
- SHA256
  
  dfa5ce86f0b45fa508cdcf2db4664c3c620686da12535fccdc68daba96522466
- SHA512
  
  b53dee006a03f0245ef98b4681f70f13d478fc27079b106ddf44ff76c06bf3521bed226cc4129c5f8c306af283908625048b62ab1ab68eb81e69531d90375927
- SSDEEP
  
  6144:yEK6XbRw6rXobqBoCygkSKyF1h+8T+nLcCG://XbS6piCwSKsCY9
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2