3d7e8167d80f629c8d00195653c9f3efee2a2eb7a073ce808262889a3d64cb51 | Triage

Sharing

General

Target

3d7e8167d80f629c8d00195653c9f3efee2a2eb7a073ce808262889a3d64cb51
Size

742KB
Sample

221125-c2aq8shh5y
MD5

d8701c629a759dc0271b760dfadfcf40
SHA1

4bb9d9e0e08b4e4619512f6ab975e50f03e7444d
SHA256

3d7e8167d80f629c8d00195653c9f3efee2a2eb7a073ce808262889a3d64cb51
SHA512

61a40ca7a13378e2ca15a20a51a09d027d949932a86171f50699e2186b5b1d1e95aef911699355f0322cc12683aee4af562ecfdb026488d6791cb3723014047a
SSDEEP

12288:x9Ec//////9OtZx54VS0jfJhHQ6LOCiPguyoFBtZV0QrDaiHdGYr8JkDkNq7QUCY:/Ec//////sN52S0NBQ6LOCiYuyoFfZVX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3d7e8167d80f629c8d00195653c9f3efee2a2eb7a073ce808262889a3d64cb51
- Size
  
  742KB
- MD5
  
  d8701c629a759dc0271b760dfadfcf40
- SHA1
  
  4bb9d9e0e08b4e4619512f6ab975e50f03e7444d
- SHA256
  
  3d7e8167d80f629c8d00195653c9f3efee2a2eb7a073ce808262889a3d64cb51
- SHA512
  
  61a40ca7a13378e2ca15a20a51a09d027d949932a86171f50699e2186b5b1d1e95aef911699355f0322cc12683aee4af562ecfdb026488d6791cb3723014047a
- SSDEEP
  
  12288:x9Ec//////9OtZx54VS0jfJhHQ6LOCiPguyoFBtZV0QrDaiHdGYr8JkDkNq7QUCY:/Ec//////sN52S0NBQ6LOCiYuyoFfZVX
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2