d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e | Triage

Sharing

General

Target

d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e
Size

454KB
Sample

221124-f4sxdaeg3z
MD5

9bbc69cd7ea58b96a48245c40d9e34c7
SHA1

1ecacc4eab6eb0eba56d25716ddb72abb04d5d21
SHA256

d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e
SHA512

62d50a5134170fdbc7bda42ce14b5bf5afbea512dfb6fcd3564ad24754c6ce708ee30baa76e13bf493a26ec795ccc9b61730503ddacf131e0737ce38bf440502
SSDEEP

6144:QsYXLfUky78BO4cBvkeep6lWVEG6YsMo9SDFxu+f6Eo3ulgm35qaX:B+Ls9hvwp6UVh/4903f7Cub5qaX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e
- Size
  
  454KB
- MD5
  
  9bbc69cd7ea58b96a48245c40d9e34c7
- SHA1
  
  1ecacc4eab6eb0eba56d25716ddb72abb04d5d21
- SHA256
  
  d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e
- SHA512
  
  62d50a5134170fdbc7bda42ce14b5bf5afbea512dfb6fcd3564ad24754c6ce708ee30baa76e13bf493a26ec795ccc9b61730503ddacf131e0737ce38bf440502
- SSDEEP
  
  6144:QsYXLfUky78BO4cBvkeep6lWVEG6YsMo9SDFxu+f6Eo3ulgm35qaX:B+Ls9hvwp6UVh/4903f7Cub5qaX
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2