12af7ec4de8feedf4ca60adb38c0acd6ef1a6f798f2403d0b2b4699003f56320 | Triage

Sharing

General

Target

12af7ec4de8feedf4ca60adb38c0acd6ef1a6f798f2403d0b2b4699003f56320
Size

126KB
Sample

221124-fdzbgaaa82
MD5

8e9f5257aea7197d540ca085be14dc59
SHA1

0f687df0050b75ba38f743079a7cd2915e746d65
SHA256

12af7ec4de8feedf4ca60adb38c0acd6ef1a6f798f2403d0b2b4699003f56320
SHA512

0b6a7a7391b3f234b29ddb01bb27e662a11fcd3caaca1777c2548d334067a1df66985143714fdcfb772881718a46527e1f076251c11836a7477c65ba675b3ebb
SSDEEP

3072:cE32P0xKLBStd3jUQdW66THeOO16ogZrss1IyLXfgQS:c3PgyBqz14TE6dZrbI6vS

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  RG928200002_2014_november_00000329320.023042490280.0324980000038-0000006.exe
- Size
  
  176KB
- MD5
  
  5095f22cbdd7c59303fb7d670c97afa5
- SHA1
  
  35712036e76c5215b512f9ddb73321617387a98c
- SHA256
  
  79e4ffae8c0d0abd80d090d5f3465855b25955509e78d0ced3eab4cfa6d43015
- SHA512
  
  9c4815c773a1b57c1178056fec3063894869b51af02cca52baf94a8ee1644d90a2b7444951979f15ecf90f718ad920353cf21927e754158580e479ea5106c0fc
- SSDEEP
  
  3072:5KzHNmI+9MEJRuOmz1C+cSQStd3jUQdW6OTHeOO16ogZrssN6wc+ga0Mhze:5qHByNJGBC+Cqz14TE6dZr5PQ
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2