2d3c3dd584b3a2048ce9ece8d863dec7211e401306e3261d748b419b076e8b8d | Triage

Sharing

General

Target

2d3c3dd584b3a2048ce9ece8d863dec7211e401306e3261d748b419b076e8b8d
Size

138KB
Sample

221123-lqr1taca52
MD5

e5cd7d269bef4eb81bca4c61d8dd5785
SHA1

f2b0fafe84c7ac0941309174cbd8157586d36346
SHA256

2d3c3dd584b3a2048ce9ece8d863dec7211e401306e3261d748b419b076e8b8d
SHA512

de0da2e5fd5a96d378b479f8d504c6539a48f4ebbb620d8f9f7cf21ca662ddeff6e39f1da05d5e5953a966fd37a4d7ce52b8581ff94afcc815d65f8a27276d80
SSDEEP

3072:KTqx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1WMx3wQGE:KTqoGtmiYlW4A1QvGXjBWhQGE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2d3c3dd584b3a2048ce9ece8d863dec7211e401306e3261d748b419b076e8b8d
- Size
  
  138KB
- MD5
  
  e5cd7d269bef4eb81bca4c61d8dd5785
- SHA1
  
  f2b0fafe84c7ac0941309174cbd8157586d36346
- SHA256
  
  2d3c3dd584b3a2048ce9ece8d863dec7211e401306e3261d748b419b076e8b8d
- SHA512
  
  de0da2e5fd5a96d378b479f8d504c6539a48f4ebbb620d8f9f7cf21ca662ddeff6e39f1da05d5e5953a966fd37a4d7ce52b8581ff94afcc815d65f8a27276d80
- SSDEEP
  
  3072:KTqx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1WMx3wQGE:KTqoGtmiYlW4A1QvGXjBWhQGE
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2