6009a425bf85982c62ccf8297d4e8808a6ad855f248b96f02116b707175783dc | Triage

Sharing

General

Target

6009a425bf85982c62ccf8297d4e8808a6ad855f248b96f02116b707175783dc
Size

483KB
Sample

221125-1vzc1shg62
MD5

082ba9caf9a8bb47690e15713dc0767d
SHA1

4240f04cbc25816f02a434f73416a6438fe1235c
SHA256

6009a425bf85982c62ccf8297d4e8808a6ad855f248b96f02116b707175783dc
SHA512

bc98426cbfe9ac5ed015ab1b841ffb6422117e47b6b088eb424e2ccfa327b6027908a268fccdc71dd5dd5730f8cd8832421b5cf98d898b71eeab5d1325dd1af7
SSDEEP

12288:PH/D9lSj7eGkTfsx5vzQt6jKew9lSj7eGkTfsx5vzQt6jKa:Pr9A32fsxJzQtyKJ9A32fsxJzQtyKa

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6009a425bf85982c62ccf8297d4e8808a6ad855f248b96f02116b707175783dc
- Size
  
  483KB
- MD5
  
  082ba9caf9a8bb47690e15713dc0767d
- SHA1
  
  4240f04cbc25816f02a434f73416a6438fe1235c
- SHA256
  
  6009a425bf85982c62ccf8297d4e8808a6ad855f248b96f02116b707175783dc
- SHA512
  
  bc98426cbfe9ac5ed015ab1b841ffb6422117e47b6b088eb424e2ccfa327b6027908a268fccdc71dd5dd5730f8cd8832421b5cf98d898b71eeab5d1325dd1af7
- SSDEEP
  
  12288:PH/D9lSj7eGkTfsx5vzQt6jKew9lSj7eGkTfsx5vzQt6jKa:Pr9A32fsxJzQtyKJ9A32fsxJzQtyKa
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2