0fb2acc83d60301102cda6e78db8cd4546e774bac836bf87c633c3fd1a86b1e0 | Triage

Sharing

General

Target

0fb2acc83d60301102cda6e78db8cd4546e774bac836bf87c633c3fd1a86b1e0
Size

138KB
Sample

221123-lqtjmsca53
MD5

6d8819c8210134eb975c152c08279a72
SHA1

4f44d19399ddfb84ff1fdbd8f1881ab77d65cf2b
SHA256

0fb2acc83d60301102cda6e78db8cd4546e774bac836bf87c633c3fd1a86b1e0
SHA512

1737e0d3076192d94cc8ebfb0babac39f027a73f4c72e40d669cbaf71b2cf645c09c40da413913c294d239dae20e66d915ce95f3e5cb3fbc96e5acca6102c9dd
SSDEEP

3072:KTSx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1b3wQGl:KTSoGtmiYlW4A1QvGXjBkQGl

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0fb2acc83d60301102cda6e78db8cd4546e774bac836bf87c633c3fd1a86b1e0
- Size
  
  138KB
- MD5
  
  6d8819c8210134eb975c152c08279a72
- SHA1
  
  4f44d19399ddfb84ff1fdbd8f1881ab77d65cf2b
- SHA256
  
  0fb2acc83d60301102cda6e78db8cd4546e774bac836bf87c633c3fd1a86b1e0
- SHA512
  
  1737e0d3076192d94cc8ebfb0babac39f027a73f4c72e40d669cbaf71b2cf645c09c40da413913c294d239dae20e66d915ce95f3e5cb3fbc96e5acca6102c9dd
- SSDEEP
  
  3072:KTSx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1b3wQGl:KTSoGtmiYlW4A1QvGXjBkQGl
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2