ce97ddc450b4aefc33e279992c2a201297d74eb56ff98f8ed188fa2c0990485b | Triage

Sharing

General

Target

ce97ddc450b4aefc33e279992c2a201297d74eb56ff98f8ed188fa2c0990485b
Size

290KB
Sample

221124-e17exsha45
MD5

0e2d978295ade9f2ad0c7c86f2b88460
SHA1

91f03d509fd50cb4dc99824992cdcf18b66eb7d6
SHA256

ce97ddc450b4aefc33e279992c2a201297d74eb56ff98f8ed188fa2c0990485b
SHA512

e2aa78e142ae3cf6a8b5a968f2a6c494c3d517303ba7c2f3a39d60cb658a48783cee0d840956380c6921a533ffc1a56221ec1a625f02d2f7adafef77da8d7e18
SSDEEP

6144:YtqsCcx37x7GILKDO5YhewKNTEIDTRuHYAjhWUI:DsdB7+N8V3DTY48I

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ce97ddc450b4aefc33e279992c2a201297d74eb56ff98f8ed188fa2c0990485b
- Size
  
  290KB
- MD5
  
  0e2d978295ade9f2ad0c7c86f2b88460
- SHA1
  
  91f03d509fd50cb4dc99824992cdcf18b66eb7d6
- SHA256
  
  ce97ddc450b4aefc33e279992c2a201297d74eb56ff98f8ed188fa2c0990485b
- SHA512
  
  e2aa78e142ae3cf6a8b5a968f2a6c494c3d517303ba7c2f3a39d60cb658a48783cee0d840956380c6921a533ffc1a56221ec1a625f02d2f7adafef77da8d7e18
- SSDEEP
  
  6144:YtqsCcx37x7GILKDO5YhewKNTEIDTRuHYAjhWUI:DsdB7+N8V3DTY48I
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2