b42ac21e75f1a670793a0f658b07878c899f275ecf52b805eeae0b5780c0427b | Triage

Sharing

General

Target

b42ac21e75f1a670793a0f658b07878c899f275ecf52b805eeae0b5780c0427b
Size

172KB
Sample

221124-e2nzzacc3v
MD5

49126a2449c1cc651e922ae564002ba9
SHA1

f4c27b23078dc9d1f937802f80d6a92fe5914945
SHA256

b42ac21e75f1a670793a0f658b07878c899f275ecf52b805eeae0b5780c0427b
SHA512

a3ee38e7dc32214ef158ca8700c98bc8127103a6e9f3762eb99a212d933b86c159370b26b0904258994878665b6b46933f85a44cef7927090b7fcd1b45420199
SSDEEP

3072:8VtwFs4FTW2Ud3Yc8xbZuGUjdBurtlITuG:kwFs4FTWdCZpUjdBurtlI

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  b42ac21e75f1a670793a0f658b07878c899f275ecf52b805eeae0b5780c0427b
- Size
  
  172KB
- MD5
  
  49126a2449c1cc651e922ae564002ba9
- SHA1
  
  f4c27b23078dc9d1f937802f80d6a92fe5914945
- SHA256
  
  b42ac21e75f1a670793a0f658b07878c899f275ecf52b805eeae0b5780c0427b
- SHA512
  
  a3ee38e7dc32214ef158ca8700c98bc8127103a6e9f3762eb99a212d933b86c159370b26b0904258994878665b6b46933f85a44cef7927090b7fcd1b45420199
- SSDEEP
  
  3072:8VtwFs4FTW2Ud3Yc8xbZuGUjdBurtlITuG:kwFs4FTWdCZpUjdBurtlI
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2