21c052e0dc12e9e5e47b2b30077658a5188f86f0c30d15cd9a405a33228e7e41 | Triage

Sharing

General

Target

21c052e0dc12e9e5e47b2b30077658a5188f86f0c30d15cd9a405a33228e7e41
Size

377KB
Sample

221123-r6apcsde2t
MD5

97de3e390b56a250cd6edc7ad6801a68
SHA1

3cef223df5d5d1059002ed26eee14b7852a39be6
SHA256

21c052e0dc12e9e5e47b2b30077658a5188f86f0c30d15cd9a405a33228e7e41
SHA512

f45e0b7665b184c0b8a3a9a7b518bfc4129ba8a28619857462d53141c6eebb73faaae86f64d28fe5e2af25ef3ea7b7e33e2ffd1b4c835f62fce0e8da1cf44733
SSDEEP

6144:maK7YuRhCWXuFAjPv5Ab2IpFyEiul8vWjllQV5q031poyk9GNqcq:maKd0WKKvhICEidvalneo9Qq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  21c052e0dc12e9e5e47b2b30077658a5188f86f0c30d15cd9a405a33228e7e41
- Size
  
  377KB
- MD5
  
  97de3e390b56a250cd6edc7ad6801a68
- SHA1
  
  3cef223df5d5d1059002ed26eee14b7852a39be6
- SHA256
  
  21c052e0dc12e9e5e47b2b30077658a5188f86f0c30d15cd9a405a33228e7e41
- SHA512
  
  f45e0b7665b184c0b8a3a9a7b518bfc4129ba8a28619857462d53141c6eebb73faaae86f64d28fe5e2af25ef3ea7b7e33e2ffd1b4c835f62fce0e8da1cf44733
- SSDEEP
  
  6144:maK7YuRhCWXuFAjPv5Ab2IpFyEiul8vWjllQV5q031poyk9GNqcq:maKd0WKKvhICEidvalneo9Qq
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2