1df466615b70a7197e894b3ec333ce134593cb6932c74dcdf6491e3c5f7224a1 | Triage

Sharing

General

Target

1df466615b70a7197e894b3ec333ce134593cb6932c74dcdf6491e3c5f7224a1
Size

341KB
Sample

221123-l1daeacg46
MD5

fe7d0c5786b24efc2b7e6520a24ccf4c
SHA1

be0f2a8a108426c514d3c4d5819b87b921b41e52
SHA256

1df466615b70a7197e894b3ec333ce134593cb6932c74dcdf6491e3c5f7224a1
SHA512

bfc1e350ea9365f94183db17dca728a3ce89421beaef1381bb09c2e823e3765bc5563c77459767c300a79e5cacba404bfdd32b77046c99ed912d37c0dfcdee9c
SSDEEP

6144:h2TX+xO9QNaDyPk9gcTher8o/xPh+PWmp2k98mrjI3s:hqXsO98a+cter8kPMxp2Jc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1df466615b70a7197e894b3ec333ce134593cb6932c74dcdf6491e3c5f7224a1
- Size
  
  341KB
- MD5
  
  fe7d0c5786b24efc2b7e6520a24ccf4c
- SHA1
  
  be0f2a8a108426c514d3c4d5819b87b921b41e52
- SHA256
  
  1df466615b70a7197e894b3ec333ce134593cb6932c74dcdf6491e3c5f7224a1
- SHA512
  
  bfc1e350ea9365f94183db17dca728a3ce89421beaef1381bb09c2e823e3765bc5563c77459767c300a79e5cacba404bfdd32b77046c99ed912d37c0dfcdee9c
- SSDEEP
  
  6144:h2TX+xO9QNaDyPk9gcTher8o/xPh+PWmp2k98mrjI3s:hqXsO98a+cter8kPMxp2Jc
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2