a288b82212662d739d6cb78dc164d0bbeca5a36b3e6f3fe9507f99ba3b65b980 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a288b82212662d739d6cb78dc164d0bbeca5a36b3e6f3fe9507f99ba3b65b980
Size

290KB
Sample

221124-gdm4wacd46
MD5

21ce11c303f3d2fd59560b76a3e11c5e
SHA1

779b830298d5eeeebf33dffc05f7ffd95cf20d31
SHA256

a288b82212662d739d6cb78dc164d0bbeca5a36b3e6f3fe9507f99ba3b65b980
SHA512

4b0812fe9229a3ff3362e18332a6edab2edd2b19ffe59d22739accbb7388ab1981856e1f1cd4d7c53cfd65fd19bbe8c08693324da6fd10b57f6c2dc50f26b291
SSDEEP

6144:4TpvZOBKtOkfoATA2yxCv07S+C6AqGUkH/E:4lvZOEcl2yxne+4qEE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a288b82212662d739d6cb78dc164d0bbeca5a36b3e6f3fe9507f99ba3b65b980
- Size
  
  290KB
- MD5
  
  21ce11c303f3d2fd59560b76a3e11c5e
- SHA1
  
  779b830298d5eeeebf33dffc05f7ffd95cf20d31
- SHA256
  
  a288b82212662d739d6cb78dc164d0bbeca5a36b3e6f3fe9507f99ba3b65b980
- SHA512
  
  4b0812fe9229a3ff3362e18332a6edab2edd2b19ffe59d22739accbb7388ab1981856e1f1cd4d7c53cfd65fd19bbe8c08693324da6fd10b57f6c2dc50f26b291
- SSDEEP
  
  6144:4TpvZOBKtOkfoATA2yxCv07S+C6AqGUkH/E:4lvZOEcl2yxne+4qEE
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2