7b76c17c1e6a9fabe541335c809bf31c9b9c657c07691a2104ecd53e8a413f04 | Triage

Sharing

General

Target

7b76c17c1e6a9fabe541335c809bf31c9b9c657c07691a2104ecd53e8a413f04
Size

278KB
Sample

221123-lrb1zsca83
MD5

4eed0b3a6f50357026d5aea58dd59391
SHA1

ebd88e5f0be0033c49b6105272864469535cc459
SHA256

7b76c17c1e6a9fabe541335c809bf31c9b9c657c07691a2104ecd53e8a413f04
SHA512

76f84fe95e1e2a67e0739f609db235fa5894efb9ea06c4cf0905955b21fbee7fc612061e117323433b65bc7b268f9b0cfae316eef36eb771cf60e1ba3791c032
SSDEEP

6144:ZYk7R3xF3BEuTP0PvdA8r1erABpxEJPlLsiJEwpClkSm4krOLS:ZYeB0uT8Hq6erABvuPl5GRkkS

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7b76c17c1e6a9fabe541335c809bf31c9b9c657c07691a2104ecd53e8a413f04
- Size
  
  278KB
- MD5
  
  4eed0b3a6f50357026d5aea58dd59391
- SHA1
  
  ebd88e5f0be0033c49b6105272864469535cc459
- SHA256
  
  7b76c17c1e6a9fabe541335c809bf31c9b9c657c07691a2104ecd53e8a413f04
- SHA512
  
  76f84fe95e1e2a67e0739f609db235fa5894efb9ea06c4cf0905955b21fbee7fc612061e117323433b65bc7b268f9b0cfae316eef36eb771cf60e1ba3791c032
- SSDEEP
  
  6144:ZYk7R3xF3BEuTP0PvdA8r1erABpxEJPlLsiJEwpClkSm4krOLS:ZYeB0uT8Hq6erABvuPl5GRkkS
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2