283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c | Triage

Sharing

General

Target

283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c
Size

506KB
Sample

221123-lz9xzsgb4v
MD5

372656a7afe1d76f989611d3af60968f
SHA1

479ba87ea89e90441e9f52a7fa153a4f655eb01e
SHA256

283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c
SHA512

add8752831831aa0b54f58929999f1f2b114807344af921df4a1922a7b3d91965a4dfeed0b185fc3967d536e085e86e4dc9261338eed9a612ffd97dd75c7615c
SSDEEP

6144:FuLziM8pQnuuudy/TuuuZqcoxBIU9CdGKuuue+dVJwiVrHtfkK5PHxE1pz7nAWEt:FuniMIyCRcB5CdGqyvaK5PGqWzu7

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c
- Size
  
  506KB
- MD5
  
  372656a7afe1d76f989611d3af60968f
- SHA1
  
  479ba87ea89e90441e9f52a7fa153a4f655eb01e
- SHA256
  
  283d13bed1144e840de187c197bdcbdbfcc8b2409dd9bec5bababb8801804c3c
- SHA512
  
  add8752831831aa0b54f58929999f1f2b114807344af921df4a1922a7b3d91965a4dfeed0b185fc3967d536e085e86e4dc9261338eed9a612ffd97dd75c7615c
- SSDEEP
  
  6144:FuLziM8pQnuuudy/TuuuZqcoxBIU9CdGKuuue+dVJwiVrHtfkK5PHxE1pz7nAWEt:FuniMIyCRcB5CdGqyvaK5PGqWzu7
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2