305637cabcee86b0d6596efdd5815781622bfa68c7ed6538f699ba3b29c21aaf | Triage

Sharing

General

Target

305637cabcee86b0d6596efdd5815781622bfa68c7ed6538f699ba3b29c21aaf
Size

138KB
Sample

221124-pl8dsagd41
MD5

c000a19c6f8743ea0e7bf934c28044a8
SHA1

d81d909844a2308ea578a5b1848cfb46322ea140
SHA256

305637cabcee86b0d6596efdd5815781622bfa68c7ed6538f699ba3b29c21aaf
SHA512

9c992ebbe603e81e7a15b0a8ce96048f76835b8aaf27563494e64f8090e7591233a2076e48ab6c074d8fe6f3bc57a3c0860ff18effddf8a15b52ccf1481073f3
SSDEEP

3072:qzb1LZQEduEgsW2UPqxUETqkC0i50/YXiQXT+t/8XIgfUTaXD3kz1QNU5:qzb1L+QHhUPqxUERQiQwkXhfUThQE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  305637cabcee86b0d6596efdd5815781622bfa68c7ed6538f699ba3b29c21aaf
- Size
  
  138KB
- MD5
  
  c000a19c6f8743ea0e7bf934c28044a8
- SHA1
  
  d81d909844a2308ea578a5b1848cfb46322ea140
- SHA256
  
  305637cabcee86b0d6596efdd5815781622bfa68c7ed6538f699ba3b29c21aaf
- SHA512
  
  9c992ebbe603e81e7a15b0a8ce96048f76835b8aaf27563494e64f8090e7591233a2076e48ab6c074d8fe6f3bc57a3c0860ff18effddf8a15b52ccf1481073f3
- SSDEEP
  
  3072:qzb1LZQEduEgsW2UPqxUETqkC0i50/YXiQXT+t/8XIgfUTaXD3kz1QNU5:qzb1L+QHhUPqxUERQiQwkXhfUThQE
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2