ba87b618c7f88a99d0e748e920c3640236aa541a6dadb7a4ba099c99cceaf88d | Triage

Sharing

General

Target

ba87b618c7f88a99d0e748e920c3640236aa541a6dadb7a4ba099c99cceaf88d
Size

249KB
Sample

221123-qhlw2sea73
MD5

06e7e5eafb4fec8b5f8a6784bf88fb33
SHA1

9ef3579ac03c259f74bd30bc61a28f91629b89d1
SHA256

ba87b618c7f88a99d0e748e920c3640236aa541a6dadb7a4ba099c99cceaf88d
SHA512

47e5cfb69878c6d8a4c3a234d73dcc852b35887c71fbe44e3e1ec026314005f4b81dc3860c3eb4e6c5f75586ab53a594f2163d828af4dbec7367d1f65a231bf5
SSDEEP

3072:4+SEhQSs2ko/CJAyBCTY3w6IhJVxW6k/PeKmKv4CX1fOMicRUYpBr+a3c9:47EFao/CJAyBAYXqr4p/Pel+48ZiSWP

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ba87b618c7f88a99d0e748e920c3640236aa541a6dadb7a4ba099c99cceaf88d
- Size
  
  249KB
- MD5
  
  06e7e5eafb4fec8b5f8a6784bf88fb33
- SHA1
  
  9ef3579ac03c259f74bd30bc61a28f91629b89d1
- SHA256
  
  ba87b618c7f88a99d0e748e920c3640236aa541a6dadb7a4ba099c99cceaf88d
- SHA512
  
  47e5cfb69878c6d8a4c3a234d73dcc852b35887c71fbe44e3e1ec026314005f4b81dc3860c3eb4e6c5f75586ab53a594f2163d828af4dbec7367d1f65a231bf5
- SSDEEP
  
  3072:4+SEhQSs2ko/CJAyBCTY3w6IhJVxW6k/PeKmKv4CX1fOMicRUYpBr+a3c9:47EFao/CJAyBAYXqr4p/Pel+48ZiSWP
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2