9b8612675b030802896b962a8fb15b587136be03e9a4e2538fe37238f74f8167 | Triage

Sharing

General

Target

9b8612675b030802896b962a8fb15b587136be03e9a4e2538fe37238f74f8167
Size

138KB
Sample

221123-lqqsraca47
MD5

969597e49f05e2b80c8a17be434d7328
SHA1

d8d5b366854152e68ed8e509d4b7139580f1dbb9
SHA256

9b8612675b030802896b962a8fb15b587136be03e9a4e2538fe37238f74f8167
SHA512

a3624101838b5044b30e867284f0b41c30abf04887c20811f1bc1895abad3f4e2a14512e8fbcd3dc9f6085a506efe1ccbf2b54ba196263bfdc1b72e174ec61bc
SSDEEP

3072:KT3x50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1L3wQGd:KT3oGtmiYlW4A1QvGXjB0QGd

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9b8612675b030802896b962a8fb15b587136be03e9a4e2538fe37238f74f8167
- Size
  
  138KB
- MD5
  
  969597e49f05e2b80c8a17be434d7328
- SHA1
  
  d8d5b366854152e68ed8e509d4b7139580f1dbb9
- SHA256
  
  9b8612675b030802896b962a8fb15b587136be03e9a4e2538fe37238f74f8167
- SHA512
  
  a3624101838b5044b30e867284f0b41c30abf04887c20811f1bc1895abad3f4e2a14512e8fbcd3dc9f6085a506efe1ccbf2b54ba196263bfdc1b72e174ec61bc
- SSDEEP
  
  3072:KT3x50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1L3wQGd:KT3oGtmiYlW4A1QvGXjB0QGd
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2