c675a2ab7056196156c101cbe24426465f40236915a7884405b9c69953762d55 | Triage

Sharing

General

Target

c675a2ab7056196156c101cbe24426465f40236915a7884405b9c69953762d55
Size

296KB
Sample

221123-nb29cagd42
MD5

bb760a406a419ca138d5ce6ce94e1658
SHA1

b4142b06b5d3ad1ee9e0cadc5ad165c14bc416b5
SHA256

c675a2ab7056196156c101cbe24426465f40236915a7884405b9c69953762d55
SHA512

4570b9f45127c8d75dc7f2433c36b114101c5b76f5485c0595ca209b38dc7ca90a81bf828b4246d84d5749d1a707ae6f22223453dc83e8ddc8da8d4455e5e31e
SSDEEP

6144:F7eH4vkz9VX/XCpprDXza2GQwIpJV/g/S0XgBfIaB2:deH4yPY5DDa27wIPBgDXgpI

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c675a2ab7056196156c101cbe24426465f40236915a7884405b9c69953762d55
- Size
  
  296KB
- MD5
  
  bb760a406a419ca138d5ce6ce94e1658
- SHA1
  
  b4142b06b5d3ad1ee9e0cadc5ad165c14bc416b5
- SHA256
  
  c675a2ab7056196156c101cbe24426465f40236915a7884405b9c69953762d55
- SHA512
  
  4570b9f45127c8d75dc7f2433c36b114101c5b76f5485c0595ca209b38dc7ca90a81bf828b4246d84d5749d1a707ae6f22223453dc83e8ddc8da8d4455e5e31e
- SSDEEP
  
  6144:F7eH4vkz9VX/XCpprDXza2GQwIpJV/g/S0XgBfIaB2:deH4yPY5DDa27wIPBgDXgpI
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2