6f93f8ad7a10e6ca54cabf356c32642f46ab299b8c8b92a3a4903c4020bd889c | Triage

Sharing

General

Target

6f93f8ad7a10e6ca54cabf356c32642f46ab299b8c8b92a3a4903c4020bd889c
Size

175KB
Sample

221124-e2re4acc3z
MD5

e48cceb9acf53413e640bd71ca9a9b82
SHA1

4717254d8effa6814da9a942aa1839225fe5facc
SHA256

6f93f8ad7a10e6ca54cabf356c32642f46ab299b8c8b92a3a4903c4020bd889c
SHA512

b0b42890450382594b972104f69c156cda150bb387ac4f3d7459b982035e2b81386b95bb6c5cad3d1085de813f0bf93a2a173327f3c618f9e6c7c7c428a94de8
SSDEEP

3072:KPmGqqkkEHE7kvN8WKoEOeKLYk59K5bDfb6MKY0X0RthYYyVo2H:KPt7BToEOeK8kkb6MKY0qpyV

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6f93f8ad7a10e6ca54cabf356c32642f46ab299b8c8b92a3a4903c4020bd889c
- Size
  
  175KB
- MD5
  
  e48cceb9acf53413e640bd71ca9a9b82
- SHA1
  
  4717254d8effa6814da9a942aa1839225fe5facc
- SHA256
  
  6f93f8ad7a10e6ca54cabf356c32642f46ab299b8c8b92a3a4903c4020bd889c
- SHA512
  
  b0b42890450382594b972104f69c156cda150bb387ac4f3d7459b982035e2b81386b95bb6c5cad3d1085de813f0bf93a2a173327f3c618f9e6c7c7c428a94de8
- SSDEEP
  
  3072:KPmGqqkkEHE7kvN8WKoEOeKLYk59K5bDfb6MKY0X0RthYYyVo2H:KPt7BToEOeK8kkb6MKY0qpyV
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2