52a24cf49cb784b7b1986010b598a50f0d9d4644af9472ed8d1e2a0c94b2e722 | Triage

Sharing

General

Target

52a24cf49cb784b7b1986010b598a50f0d9d4644af9472ed8d1e2a0c94b2e722
Size

330KB
Sample

221107-qbty3sbber
MD5

0e555a0a44ab5d4ca550dfcf10968c6b
SHA1

59c8fd31589e42a53754d49a1f8d79050665db58
SHA256

52a24cf49cb784b7b1986010b598a50f0d9d4644af9472ed8d1e2a0c94b2e722
SHA512

ec4c284153b2be390333a035d4dec1556de2bca5ae1aae1ee10efffdd8e8cf4ea0518de6e59563e1fb7762c7d371464dd1eb928b6eda94f4b610ec2b207a582e
SSDEEP

6144:xxAl+L7TuevSla3TdKQtK6f1g+GcG8DCqabJaqvAz:x2l+LdvSlItK60ctCq4Yz

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  52a24cf49cb784b7b1986010b598a50f0d9d4644af9472ed8d1e2a0c94b2e722
- Size
  
  330KB
- MD5
  
  0e555a0a44ab5d4ca550dfcf10968c6b
- SHA1
  
  59c8fd31589e42a53754d49a1f8d79050665db58
- SHA256
  
  52a24cf49cb784b7b1986010b598a50f0d9d4644af9472ed8d1e2a0c94b2e722
- SHA512
  
  ec4c284153b2be390333a035d4dec1556de2bca5ae1aae1ee10efffdd8e8cf4ea0518de6e59563e1fb7762c7d371464dd1eb928b6eda94f4b610ec2b207a582e
- SSDEEP
  
  6144:xxAl+L7TuevSla3TdKQtK6f1g+GcG8DCqabJaqvAz:x2l+LdvSlItK60ctCq4Yz
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2