8eb52abc288a319c687bccb3a06d558ac5b988b1fb13e69fb3312f25cfd1b3f9 | Triage

Sharing

General

Target

8eb52abc288a319c687bccb3a06d558ac5b988b1fb13e69fb3312f25cfd1b3f9
Size

441KB
Sample

221124-pl9xlsdc56
MD5

baeffc25fce8b818b7831adf384e9e83
SHA1

f0c1df206677fbc206e88128b18826974df6fa86
SHA256

8eb52abc288a319c687bccb3a06d558ac5b988b1fb13e69fb3312f25cfd1b3f9
SHA512

a544734513049391a70069de7b108d66da31c2f8041f6201adb23dc9368daa148076718e14fb39059019c5f8a856aed3f37d02942c29dacea76e49c56583c3af
SSDEEP

12288:wsmPVQBIjg5Cn/9EdJUqX/O+iAqrmnK4IiX:wsXBIjg5Cn/2PmWImK4IiX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8eb52abc288a319c687bccb3a06d558ac5b988b1fb13e69fb3312f25cfd1b3f9
- Size
  
  441KB
- MD5
  
  baeffc25fce8b818b7831adf384e9e83
- SHA1
  
  f0c1df206677fbc206e88128b18826974df6fa86
- SHA256
  
  8eb52abc288a319c687bccb3a06d558ac5b988b1fb13e69fb3312f25cfd1b3f9
- SHA512
  
  a544734513049391a70069de7b108d66da31c2f8041f6201adb23dc9368daa148076718e14fb39059019c5f8a856aed3f37d02942c29dacea76e49c56583c3af
- SSDEEP
  
  12288:wsmPVQBIjg5Cn/9EdJUqX/O+iAqrmnK4IiX:wsXBIjg5Cn/2PmWImK4IiX
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2