099edb8d414c1203c093419569582272c94d6fa7814f61ad753fde824fafe87c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

099edb8d414c1203c093419569582272c94d6fa7814f61ad753fde824fafe87c
Size

118KB
Sample

221123-24mk9abd85
MD5

441892ddcce4d5e549751f8ca1825590
SHA1

3b0a591463bf7c1da0038dac1a58a442fdf0f10a
SHA256

099edb8d414c1203c093419569582272c94d6fa7814f61ad753fde824fafe87c
SHA512

845fe6b533b6030d2187efe4fbb43b9001c1bb54f491361dfd251307cf42bc29fe90dc881f0013650dd002da335e92938923fed48f6c439953ed016af2f6e34b
SSDEEP

3072:BLOe/5R1g2is7AcvhlFOSQUZqZE38jV7kHoMxUXHOxc:BLO8ccvhlFzdZ2EC7ooGUXOxc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  099edb8d414c1203c093419569582272c94d6fa7814f61ad753fde824fafe87c
- Size
  
  118KB
- MD5
  
  441892ddcce4d5e549751f8ca1825590
- SHA1
  
  3b0a591463bf7c1da0038dac1a58a442fdf0f10a
- SHA256
  
  099edb8d414c1203c093419569582272c94d6fa7814f61ad753fde824fafe87c
- SHA512
  
  845fe6b533b6030d2187efe4fbb43b9001c1bb54f491361dfd251307cf42bc29fe90dc881f0013650dd002da335e92938923fed48f6c439953ed016af2f6e34b
- SSDEEP
  
  3072:BLOe/5R1g2is7AcvhlFOSQUZqZE38jV7kHoMxUXHOxc:BLO8ccvhlFzdZ2EC7ooGUXOxc
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2