c21510abc6d2f7c4a5b9a0b477db8fe11ab0afa2b24bd634fb0d3809783f594a | Triage

Sharing

General

Target

c21510abc6d2f7c4a5b9a0b477db8fe11ab0afa2b24bd634fb0d3809783f594a
Size

122KB
Sample

221124-e2q5bscc3y
MD5

524aef4fd452e65c14c90a48b5d05100
SHA1

f1a8d471c2a95bde73beb220c3c602c49b3fd631
SHA256

c21510abc6d2f7c4a5b9a0b477db8fe11ab0afa2b24bd634fb0d3809783f594a
SHA512

42ab67f2bb69b5c6c450befb6b26b094bddd7a41714c3fe9af1e735c436cd5a6c6ec3e2d88dcefee44496922ae40e18199edc3fa87fb4359e4e3382894d83aea
SSDEEP

1536:NdNTzxM+Rfk8mVKj8iy2EmkhuCyIoRTKF/cgSjGYNJCPw1QMvGaDpe7dHHZHiMs9:NDzJINznmKpp91HMGGCPwqMBVM0zVo8

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1_1_kundencenter_mobilfunk_2014_11_de_0209_0000328362_2761287_12_78_009_2876237820002.exe
- Size
  
  172KB
- MD5
  
  b2967a3ca6cfebc2e66f4c69d19dc055
- SHA1
  
  8832ee55e68abeb97738f4a62063860686246474
- SHA256
  
  9c4853fb813000f747396db86faea3122e6f7395f600bef9b3bc5f6eea133a9b
- SHA512
  
  00be2036a0fae86686f5de9c86f861fa534b52357636618adfb80c8edaf4ac9110fd6cca76fd7d9774ad090e0e3b2bc2d2ed71e314a4c147be8dc64c888f6e6e
- SSDEEP
  
  3072:M5AvWhLGWKpp91HMGGCPwqMBV/oFPUNuG:QSWhLG5fBRPSyF
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2