b78378a1fe2dad7af6d9cae3c7f519d5a2c88302326f7c452ed04608e32bff64 | Triage

Sharing

General

Target

b78378a1fe2dad7af6d9cae3c7f519d5a2c88302326f7c452ed04608e32bff64
Size

52KB
Sample

221121-t43cpshe99
MD5

11e14813e9769a38d403e8e8ea0e1b78
SHA1

8854b148d14f0201b6276fbbb8d7ba24f733b12e
SHA256

b78378a1fe2dad7af6d9cae3c7f519d5a2c88302326f7c452ed04608e32bff64
SHA512

66ff130cc5598f22c0dbc1edf8ced6c6df84fd5cb2807676cede1979dc906c887d65116c5b56e2ffd12c7a7259c0088082322ff4c7e7c6ae4860ff890fcb67f3
SSDEEP

768:6ohQtBJNVWPmOtk67tvf7T+Cze0x712S7QD1s2QSndGogl9oKJG:6DknW67BvsMx2S7219fndxa9hG

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b78378a1fe2dad7af6d9cae3c7f519d5a2c88302326f7c452ed04608e32bff64
- Size
  
  52KB
- MD5
  
  11e14813e9769a38d403e8e8ea0e1b78
- SHA1
  
  8854b148d14f0201b6276fbbb8d7ba24f733b12e
- SHA256
  
  b78378a1fe2dad7af6d9cae3c7f519d5a2c88302326f7c452ed04608e32bff64
- SHA512
  
  66ff130cc5598f22c0dbc1edf8ced6c6df84fd5cb2807676cede1979dc906c887d65116c5b56e2ffd12c7a7259c0088082322ff4c7e7c6ae4860ff890fcb67f3
- SSDEEP
  
  768:6ohQtBJNVWPmOtk67tvf7T+Cze0x712S7QD1s2QSndGogl9oKJG:6DknW67BvsMx2S7219fndxa9hG
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2