5408a8546f3a12099631e42786a807213fc678bff2280de0fe2dcda59f2afdea | Triage

Sharing

General

Target

5408a8546f3a12099631e42786a807213fc678bff2280de0fe2dcda59f2afdea
Size

430KB
Sample

221123-rmgnkaha27
MD5

0aef9c8e9eed947172bbd9861eac729f
SHA1

87bbea129177edef74e75691bd6cf1b77df6ab9b
SHA256

5408a8546f3a12099631e42786a807213fc678bff2280de0fe2dcda59f2afdea
SHA512

845944944abfdead283cd9f4dcc0d17b8e5585893104aeb5e23ca238446079092ae0e2130b118a381105690481e707f94ba70aa180181b16803cd34ac9e8ab60
SSDEEP

6144:XnAzDN/qaPjsRhTmn2IFR2/xs01IayxfEL7xk0t7w7KmduWsswMFX8fxx0ydnfvS:XAzDN+Nm2sYdsxsZE7r9XwMKfxphK

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5408a8546f3a12099631e42786a807213fc678bff2280de0fe2dcda59f2afdea
- Size
  
  430KB
- MD5
  
  0aef9c8e9eed947172bbd9861eac729f
- SHA1
  
  87bbea129177edef74e75691bd6cf1b77df6ab9b
- SHA256
  
  5408a8546f3a12099631e42786a807213fc678bff2280de0fe2dcda59f2afdea
- SHA512
  
  845944944abfdead283cd9f4dcc0d17b8e5585893104aeb5e23ca238446079092ae0e2130b118a381105690481e707f94ba70aa180181b16803cd34ac9e8ab60
- SSDEEP
  
  6144:XnAzDN/qaPjsRhTmn2IFR2/xs01IayxfEL7xk0t7w7KmduWsswMFX8fxx0ydnfvS:XAzDN+Nm2sYdsxsZE7r9XwMKfxphK
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2