226b047827bef9374f2a558579ad1c555178d1c6f91d4767cf0becda87a2d8ca | Triage

Sharing

General

Target

226b047827bef9374f2a558579ad1c555178d1c6f91d4767cf0becda87a2d8ca
Size

390KB
Sample

221125-egjvhsab23
MD5

b68133a1122e9a09dc4d8e44fab79854
SHA1

143be0b1ffca3bda45a97bd5a10442e28479f7ae
SHA256

226b047827bef9374f2a558579ad1c555178d1c6f91d4767cf0becda87a2d8ca
SHA512

8e29524275e07803979be45a84486ed21698cf0298d772ad3b67857653f638c83af71319b7543ab00a9016dd988fee4358372fa7d13874c355be066b6b16afcd
SSDEEP

6144:d8yv/rArj9vYljMNW30YGzFufPXK6j/URrlKRpYo80Vla6E:GMqj9wS3YG5uK4/p7y

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  226b047827bef9374f2a558579ad1c555178d1c6f91d4767cf0becda87a2d8ca
- Size
  
  390KB
- MD5
  
  b68133a1122e9a09dc4d8e44fab79854
- SHA1
  
  143be0b1ffca3bda45a97bd5a10442e28479f7ae
- SHA256
  
  226b047827bef9374f2a558579ad1c555178d1c6f91d4767cf0becda87a2d8ca
- SHA512
  
  8e29524275e07803979be45a84486ed21698cf0298d772ad3b67857653f638c83af71319b7543ab00a9016dd988fee4358372fa7d13874c355be066b6b16afcd
- SSDEEP
  
  6144:d8yv/rArj9vYljMNW30YGzFufPXK6j/URrlKRpYo80Vla6E:GMqj9wS3YG5uK4/p7y
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2