523a23e518dfde9c1785ae09e7d503b3082e8c19be264865e3a8c5d243792b4f | Triage

Sharing

General

Target

523a23e518dfde9c1785ae09e7d503b3082e8c19be264865e3a8c5d243792b4f
Size

234KB
Sample

221125-jrnzfacb66
MD5

c73855f2bf4c3d3d8a6fefe3ae5d2706
SHA1

1fe73e84b45419dcc3f84269500ee5eea0fa1321
SHA256

523a23e518dfde9c1785ae09e7d503b3082e8c19be264865e3a8c5d243792b4f
SHA512

a7a6dda2edf6da2420b90c870f64f06d73b51ca314fa23a3bbe3efcf1b3fa9da54682e091a56fd5e5b355cda0f5f9245adf6eb5b8311ba43fe50ae4abb1bcc4d
SSDEEP

6144:poRMKI6vRaRwTMrUi9GEjYy4zK+U0DjPG:WR/pa6TM54zh/G

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  523a23e518dfde9c1785ae09e7d503b3082e8c19be264865e3a8c5d243792b4f
- Size
  
  234KB
- MD5
  
  c73855f2bf4c3d3d8a6fefe3ae5d2706
- SHA1
  
  1fe73e84b45419dcc3f84269500ee5eea0fa1321
- SHA256
  
  523a23e518dfde9c1785ae09e7d503b3082e8c19be264865e3a8c5d243792b4f
- SHA512
  
  a7a6dda2edf6da2420b90c870f64f06d73b51ca314fa23a3bbe3efcf1b3fa9da54682e091a56fd5e5b355cda0f5f9245adf6eb5b8311ba43fe50ae4abb1bcc4d
- SSDEEP
  
  6144:poRMKI6vRaRwTMrUi9GEjYy4zK+U0DjPG:WR/pa6TM54zh/G
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2