936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c | Triage

Sharing

General

Target

936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c
Size

270KB
Sample

221123-m9ckxagb65
MD5

b3a76e5fbec66b688634bf9fcfc772b8
SHA1

f20b911329c0b2598622125026b36ac26192f351
SHA256

936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c
SHA512

a05e16c0e1ebebeefcbf12ffe636851b52fa4edc3c87d71d4366435f86b440954709a0add0d50dede17e1e6329b88290ca5b3e06f16769ba309dae88183b9033
SSDEEP

6144:TtjpoIzqvoArlO+Bei92/pWTxq/fnx7GDrRcJIcxyCq0hzfb:Bcvo8LVq/PERcHxywb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c
- Size
  
  270KB
- MD5
  
  b3a76e5fbec66b688634bf9fcfc772b8
- SHA1
  
  f20b911329c0b2598622125026b36ac26192f351
- SHA256
  
  936492d66e50d3968be242ead680f1c875df9887e936863db32766d523e9090c
- SHA512
  
  a05e16c0e1ebebeefcbf12ffe636851b52fa4edc3c87d71d4366435f86b440954709a0add0d50dede17e1e6329b88290ca5b3e06f16769ba309dae88183b9033
- SSDEEP
  
  6144:TtjpoIzqvoArlO+Bei92/pWTxq/fnx7GDrRcJIcxyCq0hzfb:Bcvo8LVq/PERcHxywb
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2