60bf4a37b8b8688b8093b969232ffb34a3918f1dc83e73b3cbed8ef5da03c4d0 | Triage

Sharing

General

Target

60bf4a37b8b8688b8093b969232ffb34a3918f1dc83e73b3cbed8ef5da03c4d0
Size

330KB
Sample

221123-lq7fhafe2s
MD5

05789d739348e1676df6c702061d942b
SHA1

551efdb39a0fbcf7ec9f70b3ad935028dfd84bbd
SHA256

60bf4a37b8b8688b8093b969232ffb34a3918f1dc83e73b3cbed8ef5da03c4d0
SHA512

534389b9684b0059f3c960d8fa25dd6830fa634f3d776158c961789c0bbf19a5e8c3c9bcb3bdc68d5631b15e6e70c164ee47af4f06886c97e79c3df66bf47179
SSDEEP

6144:vtEQ7FUgTiyUXe2ZsD9eBVtQRlc12iVkIFzW9TLSDoC3FHvKHM9lnH:vayFBiym920jcc1f9a9XS335vH9l

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  60bf4a37b8b8688b8093b969232ffb34a3918f1dc83e73b3cbed8ef5da03c4d0
- Size
  
  330KB
- MD5
  
  05789d739348e1676df6c702061d942b
- SHA1
  
  551efdb39a0fbcf7ec9f70b3ad935028dfd84bbd
- SHA256
  
  60bf4a37b8b8688b8093b969232ffb34a3918f1dc83e73b3cbed8ef5da03c4d0
- SHA512
  
  534389b9684b0059f3c960d8fa25dd6830fa634f3d776158c961789c0bbf19a5e8c3c9bcb3bdc68d5631b15e6e70c164ee47af4f06886c97e79c3df66bf47179
- SSDEEP
  
  6144:vtEQ7FUgTiyUXe2ZsD9eBVtQRlc12iVkIFzW9TLSDoC3FHvKHM9lnH:vayFBiym920jcc1f9a9XS335vH9l
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2