6460ef77141a7aa9c70b59f572b54087f8eed8831798597ddf281d9f5d3e458e | Triage

Sharing

General

Target

6460ef77141a7aa9c70b59f572b54087f8eed8831798597ddf281d9f5d3e458e
Size

138KB
Sample

221124-mb479sba7w
MD5

0fc789316aab3ad20c1b9933fc77da76
SHA1

65aea23dd464d2361fb1a2d9d71b2e6bf25fdda0
SHA256

6460ef77141a7aa9c70b59f572b54087f8eed8831798597ddf281d9f5d3e458e
SHA512

7e186af10fe12515a60db9d060b2a7edb99e8d11f0373b953d66fc2e684605d7b4866bc42200ad87cbcd43915cb3cf07542cadb6cf5fe2a5a569b3459fb5fa3b
SSDEEP

3072:KTlx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1z3wQGF:KTloGtmiYlW4A1QvGXjBcQGF

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6460ef77141a7aa9c70b59f572b54087f8eed8831798597ddf281d9f5d3e458e
- Size
  
  138KB
- MD5
  
  0fc789316aab3ad20c1b9933fc77da76
- SHA1
  
  65aea23dd464d2361fb1a2d9d71b2e6bf25fdda0
- SHA256
  
  6460ef77141a7aa9c70b59f572b54087f8eed8831798597ddf281d9f5d3e458e
- SHA512
  
  7e186af10fe12515a60db9d060b2a7edb99e8d11f0373b953d66fc2e684605d7b4866bc42200ad87cbcd43915cb3cf07542cadb6cf5fe2a5a569b3459fb5fa3b
- SSDEEP
  
  3072:KTlx50VJqtHGbu5XCniylWrtGA1GHvGXaCH1Fukp1z3wQGF:KTloGtmiYlW4A1QvGXjBcQGF
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2