221ba0fa5ca5b92c6768c182c189f56e39dadcb5ac51843243908ffe2b5c90bf | Triage

Submit
Reports

Overview

overview

8

Static

static

1

221ba0fa5c...bf.exe

windows7-x64

8

221ba0fa5c...bf.exe

windows10-2004-x64

7

Sharing

General

Target

221ba0fa5ca5b92c6768c182c189f56e39dadcb5ac51843243908ffe2b5c90bf
Size

188KB
Sample

221124-l3ma4afd75
MD5

ef9f26d0bfc17946a94d22e95772401a
SHA1

1b5e2bd71d525d5e4a9096e275ec688aaa918054
SHA256

221ba0fa5ca5b92c6768c182c189f56e39dadcb5ac51843243908ffe2b5c90bf
SHA512

2c94bfac6f1d828fef2f43f1c3b40d70235aac6902b4dfe75f7c2743c8681ac1ae6b815fa62a5748143c805d875a2f2c3f378a244d30e989113329d8b83e7acb
SSDEEP

3072:14URpNUUX6z/DBXJfqDWvmwH67flquMqQhFVz3LYKV5r/9DUzA0KM9/G8jETRwrn:14SUjhtq6vmwelqvDzbhV5T9kfpbrJEA

Score

8^/10

persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

221ba0fa5ca5b92c6768c182c189f56e39dadcb5ac51843243908ffe2b5c90bf.exe

Resource

win7-20221111-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

221ba0fa5ca5b92c6768c182c189f56e39dadcb5ac51843243908ffe2b5c90bf.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  221ba0fa5ca5b92c6768c182c189f56e39dadcb5ac51843243908ffe2b5c90bf
- Size
  
  188KB
- MD5
  
  ef9f26d0bfc17946a94d22e95772401a
- SHA1
  
  1b5e2bd71d525d5e4a9096e275ec688aaa918054
- SHA256
  
  221ba0fa5ca5b92c6768c182c189f56e39dadcb5ac51843243908ffe2b5c90bf
- SHA512
  
  2c94bfac6f1d828fef2f43f1c3b40d70235aac6902b4dfe75f7c2743c8681ac1ae6b815fa62a5748143c805d875a2f2c3f378a244d30e989113329d8b83e7acb
- SSDEEP
  
  3072:14URpNUUX6z/DBXJfqDWvmwH67flquMqQhFVz3LYKV5r/9DUzA0KM9/G8jETRwrn:14SUjhtq6vmwelqvDzbhV5T9kfpbrJEA
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy