8bcfa449062c2506a83b284fef5b67614f8e474b771178a4ecee7c9a27039691 | Triage

Sharing

General

Target

8bcfa449062c2506a83b284fef5b67614f8e474b771178a4ecee7c9a27039691
Size

126KB
Sample

221126-272vcacc25
MD5

ad4c92691004d28fb63155da7ee3244d
SHA1

3b0d23dfca1e8db2ca89849ac4e712dc4210c253
SHA256

8bcfa449062c2506a83b284fef5b67614f8e474b771178a4ecee7c9a27039691
SHA512

27cf5d43a7437315c52cfe05cd066e1b73c1632212af1c2a290c79adf4c58cedd3dfed93f95da5350ceced221ad34110732a3ee0261a140fb77f15fb2305ce22
SSDEEP

3072:pE32P0xKLBStd3jUQdW66THeOO16ogZrss1IyLXfgQR:p3PgyBqz14TE6dZrbI6vR

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  RG928200002_2014_november_00000329320.023042490280.0324980000038-0000006.exe
- Size
  
  176KB
- MD5
  
  5095f22cbdd7c59303fb7d670c97afa5
- SHA1
  
  35712036e76c5215b512f9ddb73321617387a98c
- SHA256
  
  79e4ffae8c0d0abd80d090d5f3465855b25955509e78d0ced3eab4cfa6d43015
- SHA512
  
  9c4815c773a1b57c1178056fec3063894869b51af02cca52baf94a8ee1644d90a2b7444951979f15ecf90f718ad920353cf21927e754158580e479ea5106c0fc
- SSDEEP
  
  3072:5KzHNmI+9MEJRuOmz1C+cSQStd3jUQdW6OTHeOO16ogZrssN6wc+ga0Mhze:5qHByNJGBC+Cqz14TE6dZr5PQ
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2