3cc48f1d0d4557ad1f86f295c37e6f5b95ee3c3e71ad6f94b0a538e70ad197b0 | Triage

Sharing

General

Target

3cc48f1d0d4557ad1f86f295c37e6f5b95ee3c3e71ad6f94b0a538e70ad197b0
Size

65KB
Sample

221125-c3eftaeh87
MD5

defcc30ee540141f285e3fbe61a8b35e
SHA1

38ecec8a4d3f76c0e2874b89417bde2468286871
SHA256

3cc48f1d0d4557ad1f86f295c37e6f5b95ee3c3e71ad6f94b0a538e70ad197b0
SHA512

18cfaa97c179254d265f094cef0c6de5505c3e1222d1a1c105a14bee70658ca4a55fdc333cb259ee7f86f4c430b0b7efd400cdc8f78eceb089a370fc79812b10
SSDEEP

768:id+PIh336fFKmFu0l7VVd/7YrdO72a/SsoQAc8BuDo:id+PQ3K9KMl77dUdc2a/boQAcwuDo

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3cc48f1d0d4557ad1f86f295c37e6f5b95ee3c3e71ad6f94b0a538e70ad197b0
- Size
  
  65KB
- MD5
  
  defcc30ee540141f285e3fbe61a8b35e
- SHA1
  
  38ecec8a4d3f76c0e2874b89417bde2468286871
- SHA256
  
  3cc48f1d0d4557ad1f86f295c37e6f5b95ee3c3e71ad6f94b0a538e70ad197b0
- SHA512
  
  18cfaa97c179254d265f094cef0c6de5505c3e1222d1a1c105a14bee70658ca4a55fdc333cb259ee7f86f4c430b0b7efd400cdc8f78eceb089a370fc79812b10
- SSDEEP
  
  768:id+PIh336fFKmFu0l7VVd/7YrdO72a/SsoQAc8BuDo:id+PQ3K9KMl77dUdc2a/boQAcwuDo
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2