22c085aded630bf7cc0133c1806c76fea2402b7ff1ec2370b06144f60f1f085d | Triage

Sharing

General

Target

22c085aded630bf7cc0133c1806c76fea2402b7ff1ec2370b06144f60f1f085d
Size

206KB
Sample

221125-zxdzeshh6x
MD5

1382b473288ae6db380553c44e0c403a
SHA1

4876112cb35302139f3ef65bd23179e7ac9d4b91
SHA256

22c085aded630bf7cc0133c1806c76fea2402b7ff1ec2370b06144f60f1f085d
SHA512

dfd756d619a93842859cd48493828d72e01f81cd4b0d4c63f3cebca5a00d9ccfad50ce6a792bb99b7e85f24cea0ab260dac503a2fe750a384076a4e8a11b4699
SSDEEP

3072:ySsegykPJ9vgVrFmaf1gNXoV6eYYimYPYYufSFFxDiaolL01DQYruMwLX:WeYT6AogpoUebEPYYufyDiDLnYnw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  22c085aded630bf7cc0133c1806c76fea2402b7ff1ec2370b06144f60f1f085d
- Size
  
  206KB
- MD5
  
  1382b473288ae6db380553c44e0c403a
- SHA1
  
  4876112cb35302139f3ef65bd23179e7ac9d4b91
- SHA256
  
  22c085aded630bf7cc0133c1806c76fea2402b7ff1ec2370b06144f60f1f085d
- SHA512
  
  dfd756d619a93842859cd48493828d72e01f81cd4b0d4c63f3cebca5a00d9ccfad50ce6a792bb99b7e85f24cea0ab260dac503a2fe750a384076a4e8a11b4699
- SSDEEP
  
  3072:ySsegykPJ9vgVrFmaf1gNXoV6eYYimYPYYufSFFxDiaolL01DQYruMwLX:WeYT6AogpoUebEPYYufyDiDLnYnw
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2