9d2be2c08e88686f541603ee0a34c7d7261728ec93f4b7deb5c197aabb186c3d | Triage

Sharing

General

Target

9d2be2c08e88686f541603ee0a34c7d7261728ec93f4b7deb5c197aabb186c3d
Size

1.1MB
Sample

221123-qtgrgahg9s
MD5

9a192780edeb706345d71f0f2d727fcb
SHA1

182f6e43953f9b489a33e88d78ef91ca2d8b4f6a
SHA256

9d2be2c08e88686f541603ee0a34c7d7261728ec93f4b7deb5c197aabb186c3d
SHA512

6188ad2dfc220e404236182ecc806de39eb163abc457640156804073c40884672b8b05118d24fb60bb4809788af5f9e02cf114e02012bd06f67327df4cc385eb
SSDEEP

24576:cV4sRoeJ+cSDiKSLcameQfBeP8/rWylYGRyoSWvCp467DTuDy:LeFkiD30Wylf4ofqV7DV

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  9d2be2c08e88686f541603ee0a34c7d7261728ec93f4b7deb5c197aabb186c3d
- Size
  
  1.1MB
- MD5
  
  9a192780edeb706345d71f0f2d727fcb
- SHA1
  
  182f6e43953f9b489a33e88d78ef91ca2d8b4f6a
- SHA256
  
  9d2be2c08e88686f541603ee0a34c7d7261728ec93f4b7deb5c197aabb186c3d
- SHA512
  
  6188ad2dfc220e404236182ecc806de39eb163abc457640156804073c40884672b8b05118d24fb60bb4809788af5f9e02cf114e02012bd06f67327df4cc385eb
- SSDEEP
  
  24576:cV4sRoeJ+cSDiKSLcameQfBeP8/rWylYGRyoSWvCp467DTuDy:LeFkiD30Wylf4ofqV7DV
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2