0dd1c1cbd7e9f24a945dba9d561bf18c3a689981abc3da44500fe8156d035769 | Triage

Sharing

General

Target

0dd1c1cbd7e9f24a945dba9d561bf18c3a689981abc3da44500fe8156d035769
Size

216KB
Sample

221125-fm3p9aga9t
MD5

8a904f56600b0cd6209b25e42fe540bc
SHA1

691620d4a0903b1386a259893224e2a11c1a97ed
SHA256

0dd1c1cbd7e9f24a945dba9d561bf18c3a689981abc3da44500fe8156d035769
SHA512

f8c022a5f5d6282acffa04d4f4ac07b4031beeb0c51eaa101dea580e324904ce85728a22dc34dbba195a1ea9543accbbc0d786505a39c114d0cc47801dbed713
SSDEEP

6144:2uVmC725GHMYuXz9kXGk4rMwWK457IAhs:zkYu2ard+i

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0dd1c1cbd7e9f24a945dba9d561bf18c3a689981abc3da44500fe8156d035769
- Size
  
  216KB
- MD5
  
  8a904f56600b0cd6209b25e42fe540bc
- SHA1
  
  691620d4a0903b1386a259893224e2a11c1a97ed
- SHA256
  
  0dd1c1cbd7e9f24a945dba9d561bf18c3a689981abc3da44500fe8156d035769
- SHA512
  
  f8c022a5f5d6282acffa04d4f4ac07b4031beeb0c51eaa101dea580e324904ce85728a22dc34dbba195a1ea9543accbbc0d786505a39c114d0cc47801dbed713
- SSDEEP
  
  6144:2uVmC725GHMYuXz9kXGk4rMwWK457IAhs:zkYu2ard+i
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2