f4c3fbcb0cb49eb172a787d7f28e9498314a4eb4e816adfdb1fe21442ab75eb3 | Triage

Sharing

General

Target

f4c3fbcb0cb49eb172a787d7f28e9498314a4eb4e816adfdb1fe21442ab75eb3
Size

328KB
Sample

221123-pxfsxacd87
MD5

366d97157eac76fd1e06a2845e24a5b1
SHA1

53374813284e934e7a57f590fbf44cd97a2af3ee
SHA256

f4c3fbcb0cb49eb172a787d7f28e9498314a4eb4e816adfdb1fe21442ab75eb3
SHA512

404fbbe5cfee174f2d21071d8bbc0e61ab1e9f69604b898f0645817e0f4655d21df0de2139b4bae76127c1384c39532e719f756d53d5e0310d552e6a2b4154d2
SSDEEP

6144:5NyF/LMHaCjQNiOKzHkVF8C+zV5qEiiYGZSVQg6GreDBSBcnTSbYqm:HytLCBkBKmF8TzkcEeQBGEm

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f4c3fbcb0cb49eb172a787d7f28e9498314a4eb4e816adfdb1fe21442ab75eb3
- Size
  
  328KB
- MD5
  
  366d97157eac76fd1e06a2845e24a5b1
- SHA1
  
  53374813284e934e7a57f590fbf44cd97a2af3ee
- SHA256
  
  f4c3fbcb0cb49eb172a787d7f28e9498314a4eb4e816adfdb1fe21442ab75eb3
- SHA512
  
  404fbbe5cfee174f2d21071d8bbc0e61ab1e9f69604b898f0645817e0f4655d21df0de2139b4bae76127c1384c39532e719f756d53d5e0310d552e6a2b4154d2
- SSDEEP
  
  6144:5NyF/LMHaCjQNiOKzHkVF8C+zV5qEiiYGZSVQg6GreDBSBcnTSbYqm:HytLCBkBKmF8TzkcEeQBGEm
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2