241c1cde2f34e1c32e2b465703aee4d2a4646df7df2c3a897dde04e869641193 | Triage

Sharing

General

Target

241c1cde2f34e1c32e2b465703aee4d2a4646df7df2c3a897dde04e869641193
Size

175KB
Sample

221123-xfw3kaeh59
MD5

3803aef840bb584ea546434d0a111dab
SHA1

f7d130982a054865b5e49e3fecf34cf171c97263
SHA256

241c1cde2f34e1c32e2b465703aee4d2a4646df7df2c3a897dde04e869641193
SHA512

980e8950f6c028d81dd0dc37fd37a1227c9092e7efd05bac062b35fd60a745db6442e224065e0f617c2812c9c0b2a166db0018b64728648eb268ed6800dc1990
SSDEEP

3072:59h2mpcq5IsxwYXhj80B1TO5L7mVoxViYz8y/5+L+wlqb3QZ97Da2DC3V7+jxQKO:J2iwxWTAL7yon/5HbMaB3VyjKK8TM

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  241c1cde2f34e1c32e2b465703aee4d2a4646df7df2c3a897dde04e869641193
- Size
  
  175KB
- MD5
  
  3803aef840bb584ea546434d0a111dab
- SHA1
  
  f7d130982a054865b5e49e3fecf34cf171c97263
- SHA256
  
  241c1cde2f34e1c32e2b465703aee4d2a4646df7df2c3a897dde04e869641193
- SHA512
  
  980e8950f6c028d81dd0dc37fd37a1227c9092e7efd05bac062b35fd60a745db6442e224065e0f617c2812c9c0b2a166db0018b64728648eb268ed6800dc1990
- SSDEEP
  
  3072:59h2mpcq5IsxwYXhj80B1TO5L7mVoxViYz8y/5+L+wlqb3QZ97Da2DC3V7+jxQKO:J2iwxWTAL7yon/5HbMaB3VyjKK8TM
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2