8d31cac0e934cefc7992a33b3e978ea47e45d1c20544476f67a61dde9dc258c7 | Triage

Sharing

General

Target

8d31cac0e934cefc7992a33b3e978ea47e45d1c20544476f67a61dde9dc258c7
Size

355KB
Sample

221106-j26l8sdfdn
MD5

11f552e658b00d4a05a2881c1ae83b81
SHA1

e191e0c6839d6655ea3da377a70638f4e69d7490
SHA256

8d31cac0e934cefc7992a33b3e978ea47e45d1c20544476f67a61dde9dc258c7
SHA512

ccb6283fcc4db118478911b82cf48cfe75e13f46c265953992510ac0b04ddebc5b4cb094e9aed08a8d03a02c40c95de97cdbec296b8917ee60058fa0baaa8c4b
SSDEEP

6144:5kH1CNBlRqTDxpUMgZZjUytUTNotV//0C2F/RZ5sG82zp2LhfbMXifzPIPDAZ:NvlRqTDxpUMgnjIytF//2F/RZ5820Ltr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8d31cac0e934cefc7992a33b3e978ea47e45d1c20544476f67a61dde9dc258c7
- Size
  
  355KB
- MD5
  
  11f552e658b00d4a05a2881c1ae83b81
- SHA1
  
  e191e0c6839d6655ea3da377a70638f4e69d7490
- SHA256
  
  8d31cac0e934cefc7992a33b3e978ea47e45d1c20544476f67a61dde9dc258c7
- SHA512
  
  ccb6283fcc4db118478911b82cf48cfe75e13f46c265953992510ac0b04ddebc5b4cb094e9aed08a8d03a02c40c95de97cdbec296b8917ee60058fa0baaa8c4b
- SSDEEP
  
  6144:5kH1CNBlRqTDxpUMgZZjUytUTNotV//0C2F/RZ5sG82zp2LhfbMXifzPIPDAZ:NvlRqTDxpUMgnjIytF//2F/RZ5820Ltr
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2