5ccc7dac021af7551dcd3715eeb5e1a2095d823d6044a63f5b83e59ea1e2087c | Triage

Sharing

General

Target

5ccc7dac021af7551dcd3715eeb5e1a2095d823d6044a63f5b83e59ea1e2087c
Size

323KB
Sample

221125-zxdcwsfa33
MD5

b16f784cfeb39e3aae32706cc12f3cad
SHA1

909bcc04aad342462e489db69ddb7078ea56a249
SHA256

5ccc7dac021af7551dcd3715eeb5e1a2095d823d6044a63f5b83e59ea1e2087c
SHA512

89ec937d34dfce008387e0669332c0b92bdf10e1a1e16f2b85b3c2c32b0d57751df66000bb4daaa21dbe8d4f061470c8b388cd31314d955d247d051392b35445
SSDEEP

6144:bzWSRKXnr0ISPlkai1sU0NrI/Gd6FXw0Z:tRinr0ISPlkasZ0NuGdP0Z

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5ccc7dac021af7551dcd3715eeb5e1a2095d823d6044a63f5b83e59ea1e2087c
- Size
  
  323KB
- MD5
  
  b16f784cfeb39e3aae32706cc12f3cad
- SHA1
  
  909bcc04aad342462e489db69ddb7078ea56a249
- SHA256
  
  5ccc7dac021af7551dcd3715eeb5e1a2095d823d6044a63f5b83e59ea1e2087c
- SHA512
  
  89ec937d34dfce008387e0669332c0b92bdf10e1a1e16f2b85b3c2c32b0d57751df66000bb4daaa21dbe8d4f061470c8b388cd31314d955d247d051392b35445
- SSDEEP
  
  6144:bzWSRKXnr0ISPlkai1sU0NrI/Gd6FXw0Z:tRinr0ISPlkasZ0NuGdP0Z
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2