d31de76ce0b8105fae81cb81a8b34eafefe88c7d7d0c989e16e6aae4eef89284 | Triage

Sharing

General

Target

d31de76ce0b8105fae81cb81a8b34eafefe88c7d7d0c989e16e6aae4eef89284
Size

296KB
Sample

221124-f3tsaaef71
MD5

79f0e71bbec0e5145f551bf02051a188
SHA1

4b2db818b166a31c1febef24b1cbbc95faf2ae24
SHA256

d31de76ce0b8105fae81cb81a8b34eafefe88c7d7d0c989e16e6aae4eef89284
SHA512

2295c70a33fb21b27f41f66fbf9c71f4e52590352cafc4af3703ee79f01683d515ecf0548afe8687d7d94e568fc4a54739457082e1d8891eb65447d05b6c9ebb
SSDEEP

6144:NU/s08jECWzHgHc1MgwxM7BIxBHKpNdmrc/C:Nj08jECW082gwxUIxBHoNg

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d31de76ce0b8105fae81cb81a8b34eafefe88c7d7d0c989e16e6aae4eef89284
- Size
  
  296KB
- MD5
  
  79f0e71bbec0e5145f551bf02051a188
- SHA1
  
  4b2db818b166a31c1febef24b1cbbc95faf2ae24
- SHA256
  
  d31de76ce0b8105fae81cb81a8b34eafefe88c7d7d0c989e16e6aae4eef89284
- SHA512
  
  2295c70a33fb21b27f41f66fbf9c71f4e52590352cafc4af3703ee79f01683d515ecf0548afe8687d7d94e568fc4a54739457082e1d8891eb65447d05b6c9ebb
- SSDEEP
  
  6144:NU/s08jECWzHgHc1MgwxM7BIxBHKpNdmrc/C:Nj08jECW082gwxUIxBHoNg
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2