d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2 | Triage

Sharing

General

Target

d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2
Size

304KB
Sample

221124-e26j1shb37
MD5

c30ccdcf9d08cb32f21f30138aee4bf4
SHA1

16ccef637353eef88da6b476fd6edb8d7c08531c
SHA256

d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2
SHA512

474a498027e3b7ec79d817020ea90662945cbb553913de3eec89226f51e324be682e6c0abfd14a9422cc9e8625d529b4025b183c7a17553617cf66bdc1fff18d
SSDEEP

6144:ihnqsd6VLR98xm7BtzilD3PZI7u+3tqd1w2dBMSXW:iRqdNx7KlEdgw9D

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2
- Size
  
  304KB
- MD5
  
  c30ccdcf9d08cb32f21f30138aee4bf4
- SHA1
  
  16ccef637353eef88da6b476fd6edb8d7c08531c
- SHA256
  
  d2501f9f10dfb0405ef83d04f238635706f004495d58e5fc23356f8c2d3e49e2
- SHA512
  
  474a498027e3b7ec79d817020ea90662945cbb553913de3eec89226f51e324be682e6c0abfd14a9422cc9e8625d529b4025b183c7a17553617cf66bdc1fff18d
- SSDEEP
  
  6144:ihnqsd6VLR98xm7BtzilD3PZI7u+3tqd1w2dBMSXW:iRqdNx7KlEdgw9D
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2