6525d1460c94d387d56cff836bf535c149c9451d8ca2e4295709c0a0992b24e9 | Triage

Sharing

General

Target

6525d1460c94d387d56cff836bf535c149c9451d8ca2e4295709c0a0992b24e9
Size

296KB
Sample

221125-jmcqlsfd2t
MD5

fba722c6f416ce5f8bdada5be3b32404
SHA1

455824dd68c15670cacf9c8467fcddcd404064d4
SHA256

6525d1460c94d387d56cff836bf535c149c9451d8ca2e4295709c0a0992b24e9
SHA512

a9d7fd9ce51024bc59de0c6c3d4f95b8c013b7bbd722e342d418352bf74dd7eed66f2a8c637c9c04a98f9e87061579bb73b08540bcd0e09b612c2185e97ee858
SSDEEP

6144:BXX3/EPJadSP2OIknga866u0c74ji8FYCZ+C5:BXHUJ6o2K9/6DcwXZ+C

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6525d1460c94d387d56cff836bf535c149c9451d8ca2e4295709c0a0992b24e9
- Size
  
  296KB
- MD5
  
  fba722c6f416ce5f8bdada5be3b32404
- SHA1
  
  455824dd68c15670cacf9c8467fcddcd404064d4
- SHA256
  
  6525d1460c94d387d56cff836bf535c149c9451d8ca2e4295709c0a0992b24e9
- SHA512
  
  a9d7fd9ce51024bc59de0c6c3d4f95b8c013b7bbd722e342d418352bf74dd7eed66f2a8c637c9c04a98f9e87061579bb73b08540bcd0e09b612c2185e97ee858
- SSDEEP
  
  6144:BXX3/EPJadSP2OIknga866u0c74ji8FYCZ+C5:BXHUJ6o2K9/6DcwXZ+C
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2