392727353059f37460d40fc35510b8f778141153570d6a69158f9f55bca4bce1 | Triage

Sharing

General

Target

392727353059f37460d40fc35510b8f778141153570d6a69158f9f55bca4bce1
Size

256KB
Sample

221125-c82hjaad7z
MD5

48a68d2ed91cf18021457a0f3c5e74f0
SHA1

848900385dcfa6db8ab8be8d705202a18324a1af
SHA256

392727353059f37460d40fc35510b8f778141153570d6a69158f9f55bca4bce1
SHA512

8a82016f598df542e7c4eafd309b68956d5a2adc71c19d7fdbad9b70abf3a25d24d8705642842c090ce6aa198387ac466990d58956bfa7c08d77c0d790d1ae0c
SSDEEP

3072:SZXkqL4Cc05Z+aGmxSJzvbTZWeRem5DRoWB9z6rc0Ny1pPhofPaMX:aXkwpoaynhEkbArc0NYppQPT

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  392727353059f37460d40fc35510b8f778141153570d6a69158f9f55bca4bce1
- Size
  
  256KB
- MD5
  
  48a68d2ed91cf18021457a0f3c5e74f0
- SHA1
  
  848900385dcfa6db8ab8be8d705202a18324a1af
- SHA256
  
  392727353059f37460d40fc35510b8f778141153570d6a69158f9f55bca4bce1
- SHA512
  
  8a82016f598df542e7c4eafd309b68956d5a2adc71c19d7fdbad9b70abf3a25d24d8705642842c090ce6aa198387ac466990d58956bfa7c08d77c0d790d1ae0c
- SSDEEP
  
  3072:SZXkqL4Cc05Z+aGmxSJzvbTZWeRem5DRoWB9z6rc0Ny1pPhofPaMX:aXkwpoaynhEkbArc0NYppQPT
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2