98200cc0ff273cfec73adf55562836adec4c86e85ec4f31dea7d233d54df4393 | Triage

Sharing

General

Target

98200cc0ff273cfec73adf55562836adec4c86e85ec4f31dea7d233d54df4393
Size

300KB
Sample

221123-qv56fsfa23
MD5

1e65378ed7d208e3f7d3700f32b73cf1
SHA1

eb49144024cd00e2d2aac7c8adf13d89cc2a5535
SHA256

98200cc0ff273cfec73adf55562836adec4c86e85ec4f31dea7d233d54df4393
SHA512

26df5f42a9d60f3040992560d0c3e133c62bad8bf4cdc5b1cf35f899f7dd70d9a48140988e654df779dfe3f326ec76d074e044a0c13f811e7873b804c2830d58
SSDEEP

6144:07DJbyFLycSQRcOCUVJDQfwjpCU2NVG4hBMkVkIs31E:07DJbopSyhNQWs/BwOkIH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  98200cc0ff273cfec73adf55562836adec4c86e85ec4f31dea7d233d54df4393
- Size
  
  300KB
- MD5
  
  1e65378ed7d208e3f7d3700f32b73cf1
- SHA1
  
  eb49144024cd00e2d2aac7c8adf13d89cc2a5535
- SHA256
  
  98200cc0ff273cfec73adf55562836adec4c86e85ec4f31dea7d233d54df4393
- SHA512
  
  26df5f42a9d60f3040992560d0c3e133c62bad8bf4cdc5b1cf35f899f7dd70d9a48140988e654df779dfe3f326ec76d074e044a0c13f811e7873b804c2830d58
- SSDEEP
  
  6144:07DJbyFLycSQRcOCUVJDQfwjpCU2NVG4hBMkVkIs31E:07DJbopSyhNQWs/BwOkIH
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2