37ead78aa10639375967da20f156cbcb432a87a73f817f6eb9324305d5cd21f2 | Triage

Sharing

General

Target

37ead78aa10639375967da20f156cbcb432a87a73f817f6eb9324305d5cd21f2
Size

327KB
Sample

221125-dazrqaaf2s
MD5

852f07d869bb7083dada3985d772c609
SHA1

201bbcf8c6db0cca6426d5250e1fee73e96b763b
SHA256

37ead78aa10639375967da20f156cbcb432a87a73f817f6eb9324305d5cd21f2
SHA512

09dcfecc2154a72d4ae9356ba81f31d3c6fb0cd686be60da58a93b03cd69a2a365da173eef243d0344a21a36e3efeba18721c9a23768fc4fdf2ab677d950cafb
SSDEEP

6144:FGbBRMmBhuZFoCpQkO11IDzHjg23ci1SxM43bKHij2x2:FGbBWmBCoCpw1IDzjPJp4eiSx2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  37ead78aa10639375967da20f156cbcb432a87a73f817f6eb9324305d5cd21f2
- Size
  
  327KB
- MD5
  
  852f07d869bb7083dada3985d772c609
- SHA1
  
  201bbcf8c6db0cca6426d5250e1fee73e96b763b
- SHA256
  
  37ead78aa10639375967da20f156cbcb432a87a73f817f6eb9324305d5cd21f2
- SHA512
  
  09dcfecc2154a72d4ae9356ba81f31d3c6fb0cd686be60da58a93b03cd69a2a365da173eef243d0344a21a36e3efeba18721c9a23768fc4fdf2ab677d950cafb
- SSDEEP
  
  6144:FGbBRMmBhuZFoCpQkO11IDzHjg23ci1SxM43bKHij2x2:FGbBWmBCoCpw1IDzjPJp4eiSx2
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2