f716d011693a7f678eabf3fc0c1840a71abe433b6c237fd55b557f67b0d351d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f716d011693a7f678eabf3fc0c1840a71abe433b6c237fd55b557f67b0d351d1
Size

260KB
Sample

221107-lbjqwshec7
MD5

0de177ac36fadd32af63e5f8a78da5ba
SHA1

4e59c65d3de0b57b11cf67e7b2d3bc2a07683b31
SHA256

f716d011693a7f678eabf3fc0c1840a71abe433b6c237fd55b557f67b0d351d1
SHA512

d4792b3a5d933da71c5289888cc0ea1977b71647f7a3fb2e09cdeb1bfce959d5e252f972f2814ffb26bd6414a28020fac0bf4a5a3827d11bb9a64290932d9750
SSDEEP

6144:NzK1gF5AC2z44Em6Tvr9mP/qB8i0Ea0heJQ2C6z:jDw44Emqro3qB8RwhODZz

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f716d011693a7f678eabf3fc0c1840a71abe433b6c237fd55b557f67b0d351d1
- Size
  
  260KB
- MD5
  
  0de177ac36fadd32af63e5f8a78da5ba
- SHA1
  
  4e59c65d3de0b57b11cf67e7b2d3bc2a07683b31
- SHA256
  
  f716d011693a7f678eabf3fc0c1840a71abe433b6c237fd55b557f67b0d351d1
- SHA512
  
  d4792b3a5d933da71c5289888cc0ea1977b71647f7a3fb2e09cdeb1bfce959d5e252f972f2814ffb26bd6414a28020fac0bf4a5a3827d11bb9a64290932d9750
- SSDEEP
  
  6144:NzK1gF5AC2z44Em6Tvr9mP/qB8i0Ea0heJQ2C6z:jDw44Emqro3qB8RwhODZz
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2