b3c23ec51895d05f3b443ea1ec8f0a1577d81df50c43ab7ac881f923657f3796 | Triage

Sharing

General

Target

b3c23ec51895d05f3b443ea1ec8f0a1577d81df50c43ab7ac881f923657f3796
Size

15.0MB
Sample

221125-kr6pxsee92
MD5

fc5808b8d93e862a2cbff21fd4ef9c06
SHA1

2f3c6e3367ff0a2b15dc081d065f74e05cc92be2
SHA256

b3c23ec51895d05f3b443ea1ec8f0a1577d81df50c43ab7ac881f923657f3796
SHA512

ab469f7484e4130fe88cc1ab41d00af6c6f3997031220fe88550a69a0ad0d33c0481eae8b8b582577ac390815e6f71bf448417437da39d18aa3c96512d169074
SSDEEP

1536:qtXJmmLH3mwY4NwfIuHVjZGjnFDbVYD1+Yj8:qBJmEXCf/nGBNU1+D

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b3c23ec51895d05f3b443ea1ec8f0a1577d81df50c43ab7ac881f923657f3796
- Size
  
  15.0MB
- MD5
  
  fc5808b8d93e862a2cbff21fd4ef9c06
- SHA1
  
  2f3c6e3367ff0a2b15dc081d065f74e05cc92be2
- SHA256
  
  b3c23ec51895d05f3b443ea1ec8f0a1577d81df50c43ab7ac881f923657f3796
- SHA512
  
  ab469f7484e4130fe88cc1ab41d00af6c6f3997031220fe88550a69a0ad0d33c0481eae8b8b582577ac390815e6f71bf448417437da39d18aa3c96512d169074
- SSDEEP
  
  1536:qtXJmmLH3mwY4NwfIuHVjZGjnFDbVYD1+Yj8:qBJmEXCf/nGBNU1+D
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2