a06f3b67a99e7e8fdd32702e991a0899a398efd62d3a032b11de67b6749ef5d3 | Triage

Sharing

General

Target

a06f3b67a99e7e8fdd32702e991a0899a398efd62d3a032b11de67b6749ef5d3
Size

173KB
Sample

221123-k3bzpaaa63
MD5

f9313f550640d9656d2532fd2ac4a82f
SHA1

cdca29d8301b974543834ab4d13c89365a18e7e8
SHA256

a06f3b67a99e7e8fdd32702e991a0899a398efd62d3a032b11de67b6749ef5d3
SHA512

a2fc8dc95a25ec018fb84439ed17c2af61b15e25e2330f4619e001e64044ce62e6806b0fab2993b4e685065138d8b561e9b7aa3175b27b9cde4e4047e444a1f2
SSDEEP

3072:vXCiLk7ndEFIp8d94jVS1CzyyIsXUiX4rnLGrDfN6syB5yyFyXLUI3Ul3:v4YI09oS1C+y7+QbUIE9

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  a06f3b67a99e7e8fdd32702e991a0899a398efd62d3a032b11de67b6749ef5d3
- Size
  
  173KB
- MD5
  
  f9313f550640d9656d2532fd2ac4a82f
- SHA1
  
  cdca29d8301b974543834ab4d13c89365a18e7e8
- SHA256
  
  a06f3b67a99e7e8fdd32702e991a0899a398efd62d3a032b11de67b6749ef5d3
- SHA512
  
  a2fc8dc95a25ec018fb84439ed17c2af61b15e25e2330f4619e001e64044ce62e6806b0fab2993b4e685065138d8b561e9b7aa3175b27b9cde4e4047e444a1f2
- SSDEEP
  
  3072:vXCiLk7ndEFIp8d94jVS1CzyyIsXUiX4rnLGrDfN6syB5yyFyXLUI3Ul3:v4YI09oS1C+y7+QbUIE9
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2