ca2f286d621b9ebd58afa1b5cdc4b495c1e33020d910f88468be418d3823d9bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca2f286d621b9ebd58afa1b5cdc4b495c1e33020d910f88468be418d3823d9bd
Size

114KB
Sample

221124-afnd4aec72
MD5

9d8c36250fe72ffd6eec6cfd77b5000c
SHA1

6b3c70c8d477255b370b743cf288aa077ca6e602
SHA256

ca2f286d621b9ebd58afa1b5cdc4b495c1e33020d910f88468be418d3823d9bd
SHA512

358f93690261ba59f06dcf6674c6e45434f69050458a176f25ea9c12cea7a7b4f740032c449fa34dd09d2f82a7e7cd3e195b6bff3623bb69898c77c7f47a6a77
SSDEEP

3072:DQIURTXJ+M4rKnBbfECcifwlmEDxMy2eYZhWMAS:Ds94rSBbE20DxUeYyA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ca2f286d621b9ebd58afa1b5cdc4b495c1e33020d910f88468be418d3823d9bd
- Size
  
  114KB
- MD5
  
  9d8c36250fe72ffd6eec6cfd77b5000c
- SHA1
  
  6b3c70c8d477255b370b743cf288aa077ca6e602
- SHA256
  
  ca2f286d621b9ebd58afa1b5cdc4b495c1e33020d910f88468be418d3823d9bd
- SHA512
  
  358f93690261ba59f06dcf6674c6e45434f69050458a176f25ea9c12cea7a7b4f740032c449fa34dd09d2f82a7e7cd3e195b6bff3623bb69898c77c7f47a6a77
- SSDEEP
  
  3072:DQIURTXJ+M4rKnBbfECcifwlmEDxMy2eYZhWMAS:Ds94rSBbE20DxUeYyA
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2