472b678218aeffc5d5b352550612d1da44a4734d83d1e14646440560e251fb5c | Triage

Sharing

General

Target

472b678218aeffc5d5b352550612d1da44a4734d83d1e14646440560e251fb5c
Size

428KB
Sample

221123-rr72bacd4t
MD5

ad7313b71afd12bb2bdf006931fe0fd9
SHA1

df85d9fc222b241eb26cad8281666f2ccf901ba3
SHA256

472b678218aeffc5d5b352550612d1da44a4734d83d1e14646440560e251fb5c
SHA512

4505d1ba04c5d9f3d5da9dbf428bfa581272bc5c3bafda3a74b214e00a50332c42bbb790194f3363265ce0443a367a8326a1706846d169de40888365e627c6d5
SSDEEP

12288:vGYuufqCYpkYcnyxSPB/wTcOP6M2hElG7b7Xxk832mJOq:+UfqCOkpyxSPBoTcEh832mJ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  472b678218aeffc5d5b352550612d1da44a4734d83d1e14646440560e251fb5c
- Size
  
  428KB
- MD5
  
  ad7313b71afd12bb2bdf006931fe0fd9
- SHA1
  
  df85d9fc222b241eb26cad8281666f2ccf901ba3
- SHA256
  
  472b678218aeffc5d5b352550612d1da44a4734d83d1e14646440560e251fb5c
- SHA512
  
  4505d1ba04c5d9f3d5da9dbf428bfa581272bc5c3bafda3a74b214e00a50332c42bbb790194f3363265ce0443a367a8326a1706846d169de40888365e627c6d5
- SSDEEP
  
  12288:vGYuufqCYpkYcnyxSPB/wTcOP6M2hElG7b7Xxk832mJOq:+UfqCOkpyxSPBoTcEh832mJ
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2