5c3c7ef4142c57493947d5bb743ac0dd19ab8d2aeaaf25a3b03f1d1c6097ccd3 | Triage

Sharing

General

Target

5c3c7ef4142c57493947d5bb743ac0dd19ab8d2aeaaf25a3b03f1d1c6097ccd3
Size

240KB
Sample

221123-rjjczsgg33
MD5

b27d89fdba740d8d95382f3837c7ae0a
SHA1

3e4fc24a9f39f139d9639ab1aaaca04a58e4957f
SHA256

5c3c7ef4142c57493947d5bb743ac0dd19ab8d2aeaaf25a3b03f1d1c6097ccd3
SHA512

d8fc7d692f8f1b00fcff5453dc2cca6be6f5db5475ff63d83ce02411f0bf78518b5cc0a4c206b00556e551df5c10a06d6d2c681fceac30b5250efaf76f5344df
SSDEEP

3072:7LpxTJJWCXx7vCgnmi5qCgxoc2qxSC4yi3lb4+eFWDsxR7eauoVpZ3Y6Ck4K3aS:7t9RdvCgpz/4+g7eqLNY6C1K3X

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  5c3c7ef4142c57493947d5bb743ac0dd19ab8d2aeaaf25a3b03f1d1c6097ccd3
- Size
  
  240KB
- MD5
  
  b27d89fdba740d8d95382f3837c7ae0a
- SHA1
  
  3e4fc24a9f39f139d9639ab1aaaca04a58e4957f
- SHA256
  
  5c3c7ef4142c57493947d5bb743ac0dd19ab8d2aeaaf25a3b03f1d1c6097ccd3
- SHA512
  
  d8fc7d692f8f1b00fcff5453dc2cca6be6f5db5475ff63d83ce02411f0bf78518b5cc0a4c206b00556e551df5c10a06d6d2c681fceac30b5250efaf76f5344df
- SSDEEP
  
  3072:7LpxTJJWCXx7vCgnmi5qCgxoc2qxSC4yi3lb4+eFWDsxR7eauoVpZ3Y6Ck4K3aS:7t9RdvCgpz/4+g7eqLNY6C1K3X
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2