4104c5bd001d9deb4f8ce36e5f6b573ae4bd6a3b5f3d96717f1f7c9731b51027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4104c5bd001d9deb4f8ce36e5f6b573ae4bd6a3b5f3d96717f1f7c9731b51027
Size

871KB
Sample

221107-yk52psfaa7
MD5

0d3d0221962eeef1a78d5725d8080ac1
SHA1

53cedd489316c4fabfafc349196bc1ad73f19c8e
SHA256

4104c5bd001d9deb4f8ce36e5f6b573ae4bd6a3b5f3d96717f1f7c9731b51027
SHA512

c583d8976c2766bc9817e1ad14ad11e540a7f50d54d58b045edaba9f241f4eccce0a5ce840d849a3344a1ee58158d2a31a8a0dd4236c132c71cc2173a7e57b4a
SSDEEP

24576:UmQFjpDSA6D4QgdfVOFJX+Dh9WcAmdJnOJsfyh:KpGAxVOFJKe8JOJoy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4104c5bd001d9deb4f8ce36e5f6b573ae4bd6a3b5f3d96717f1f7c9731b51027
- Size
  
  871KB
- MD5
  
  0d3d0221962eeef1a78d5725d8080ac1
- SHA1
  
  53cedd489316c4fabfafc349196bc1ad73f19c8e
- SHA256
  
  4104c5bd001d9deb4f8ce36e5f6b573ae4bd6a3b5f3d96717f1f7c9731b51027
- SHA512
  
  c583d8976c2766bc9817e1ad14ad11e540a7f50d54d58b045edaba9f241f4eccce0a5ce840d849a3344a1ee58158d2a31a8a0dd4236c132c71cc2173a7e57b4a
- SSDEEP
  
  24576:UmQFjpDSA6D4QgdfVOFJX+Dh9WcAmdJnOJsfyh:KpGAxVOFJKe8JOJoy
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2