3a3ebe672c11bfb71c98711fac541da1f8900dc4f8b59a8d662d8c5993135984 | Triage

Sharing

General

Target

3a3ebe672c11bfb71c98711fac541da1f8900dc4f8b59a8d662d8c5993135984
Size

420KB
Sample

221124-p7zc1ahg9s
MD5

c9cc8b473e688977cfe8f372a5c8df09
SHA1

69378d1062c100d2c74eaa149c662a48a4645906
SHA256

3a3ebe672c11bfb71c98711fac541da1f8900dc4f8b59a8d662d8c5993135984
SHA512

d045f82bf29284fad97c3bc77b1f81abd47e395a70eea1cc461f22370bf2e94f8c20615f1d41bee0c7f43fac67f4774dfe6cb7716ac112ea629c43f5f81d64c2
SSDEEP

6144:ke9gLFazjEImp3vRaso7pywUFUP4xN6Io2urjuyF/MnALjyF:yRcjEIORaskpywUFUwgIo2gjuTnAaF

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3a3ebe672c11bfb71c98711fac541da1f8900dc4f8b59a8d662d8c5993135984
- Size
  
  420KB
- MD5
  
  c9cc8b473e688977cfe8f372a5c8df09
- SHA1
  
  69378d1062c100d2c74eaa149c662a48a4645906
- SHA256
  
  3a3ebe672c11bfb71c98711fac541da1f8900dc4f8b59a8d662d8c5993135984
- SHA512
  
  d045f82bf29284fad97c3bc77b1f81abd47e395a70eea1cc461f22370bf2e94f8c20615f1d41bee0c7f43fac67f4774dfe6cb7716ac112ea629c43f5f81d64c2
- SSDEEP
  
  6144:ke9gLFazjEImp3vRaso7pywUFUP4xN6Io2urjuyF/MnALjyF:yRcjEIORaskpywUFUwgIo2gjuTnAaF
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2