2c10cd1e7c77f4f29ae55ddec87651b88a1390f108bbd963896c2d622f5b5f25 | Triage

Sharing

General

Target

2c10cd1e7c77f4f29ae55ddec87651b88a1390f108bbd963896c2d622f5b5f25
Size

938KB
Sample

221123-2wdy5sah62
MD5

41224a327806be3020c2b4424656ce37
SHA1

2d9812e7a879f2a34d97d7f97063491a8e1fd1cb
SHA256

2c10cd1e7c77f4f29ae55ddec87651b88a1390f108bbd963896c2d622f5b5f25
SHA512

797bf710d5496c8b22c63b32138b093e2e6f9f3eb4e97491056a0b104e30225cc5c7ff76ae3f56c5f7c8019a9f53aaf2d018511492cc25c8376fede8624958aa
SSDEEP

12288:Dzr6T2E7eqY0uCdtx0F9Ul3LinVHYAinSIsr/7eVDMLgxYAinSIsr/7eVDMLg:j6aEJYtS8FU3L+piS6VDtiS6VD

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2c10cd1e7c77f4f29ae55ddec87651b88a1390f108bbd963896c2d622f5b5f25
- Size
  
  938KB
- MD5
  
  41224a327806be3020c2b4424656ce37
- SHA1
  
  2d9812e7a879f2a34d97d7f97063491a8e1fd1cb
- SHA256
  
  2c10cd1e7c77f4f29ae55ddec87651b88a1390f108bbd963896c2d622f5b5f25
- SHA512
  
  797bf710d5496c8b22c63b32138b093e2e6f9f3eb4e97491056a0b104e30225cc5c7ff76ae3f56c5f7c8019a9f53aaf2d018511492cc25c8376fede8624958aa
- SSDEEP
  
  12288:Dzr6T2E7eqY0uCdtx0F9Ul3LinVHYAinSIsr/7eVDMLgxYAinSIsr/7eVDMLg:j6aEJYtS8FU3L+piS6VDtiS6VD
Score

7^/10

persistence
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2