2d243f2d47e2a65be3c81fc6ffc4faa34b8bf38234f1b6d0503f3e6c3c7446f9 | Triage

Sharing

General

Target

2d243f2d47e2a65be3c81fc6ffc4faa34b8bf38234f1b6d0503f3e6c3c7446f9
Size

387KB
Sample

221124-mbs51aba6w
MD5

d6d6d27303c3973260df1e53851c4688
SHA1

ef25c92f968474881d5848ed341147056f6a5d1d
SHA256

2d243f2d47e2a65be3c81fc6ffc4faa34b8bf38234f1b6d0503f3e6c3c7446f9
SHA512

a3b7cba71138e3048ea083ab54df619c50c64be49e8f57074a5c5e5bbfe553eb9042ce5bb906c28978fdd346503e7893c09e9efc3da9830d0422f2981450f5b2
SSDEEP

6144:10BA3khqL1bcCVENChPsvk5IEK3pVVcqNcfCMnNBEb2/Ar7:10BACqRb2UPscW3jDNcKMPEqE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2d243f2d47e2a65be3c81fc6ffc4faa34b8bf38234f1b6d0503f3e6c3c7446f9
- Size
  
  387KB
- MD5
  
  d6d6d27303c3973260df1e53851c4688
- SHA1
  
  ef25c92f968474881d5848ed341147056f6a5d1d
- SHA256
  
  2d243f2d47e2a65be3c81fc6ffc4faa34b8bf38234f1b6d0503f3e6c3c7446f9
- SHA512
  
  a3b7cba71138e3048ea083ab54df619c50c64be49e8f57074a5c5e5bbfe553eb9042ce5bb906c28978fdd346503e7893c09e9efc3da9830d0422f2981450f5b2
- SSDEEP
  
  6144:10BA3khqL1bcCVENChPsvk5IEK3pVVcqNcfCMnNBEb2/Ar7:10BACqRb2UPscW3jDNcKMPEqE
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Checks for any installed AV software in registry
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Security Software Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2