2e0fa594301d152e77c56bdf39a39e5999cf0562848c8bcccf413f1f8601ab1f | Triage

Sharing

General

Target

2e0fa594301d152e77c56bdf39a39e5999cf0562848c8bcccf413f1f8601ab1f
Size

374KB
Sample

221125-dvcspabh4t
MD5

a93dd0912555b3092711e3e6f587f85b
SHA1

47b842fcf30d81717edb5f24dc5f5a6e550cccb9
SHA256

2e0fa594301d152e77c56bdf39a39e5999cf0562848c8bcccf413f1f8601ab1f
SHA512

d33510c1edfc8d21c679be3342d2d6d10679864735a1fbb9fd3bccc4f3f09c5ba1a7e7c557aedef44dcb0832e5ee95739f88f82a4b0de05e4dfacdf00b0ab01a
SSDEEP

6144:Cqnc6NtgQ4sMe5Th+OR8mdY7mwcU3QFpThnOVOnNtW56oqPwZ9qlZyOeyNJl:z3N6Q4ExdY7mwchFpTwVES56oq+9qlZX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2e0fa594301d152e77c56bdf39a39e5999cf0562848c8bcccf413f1f8601ab1f
- Size
  
  374KB
- MD5
  
  a93dd0912555b3092711e3e6f587f85b
- SHA1
  
  47b842fcf30d81717edb5f24dc5f5a6e550cccb9
- SHA256
  
  2e0fa594301d152e77c56bdf39a39e5999cf0562848c8bcccf413f1f8601ab1f
- SHA512
  
  d33510c1edfc8d21c679be3342d2d6d10679864735a1fbb9fd3bccc4f3f09c5ba1a7e7c557aedef44dcb0832e5ee95739f88f82a4b0de05e4dfacdf00b0ab01a
- SSDEEP
  
  6144:Cqnc6NtgQ4sMe5Th+OR8mdY7mwcU3QFpThnOVOnNtW56oqPwZ9qlZyOeyNJl:z3N6Q4ExdY7mwchFpTwVES56oq+9qlZX
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2