c5b07b4d969b9d6a47e324f93c7970ccccee8090e9983f6ea7c47a7f13ab34d6 | Triage

Sharing

General

Target

c5b07b4d969b9d6a47e324f93c7970ccccee8090e9983f6ea7c47a7f13ab34d6
Size

303KB
Sample

221127-d6x8rsfg52
MD5

a971b0ea4901d6911dfb29971d6d538c
SHA1

ae89f6436049b45975cd72a8be1886e96e7b0f83
SHA256

c5b07b4d969b9d6a47e324f93c7970ccccee8090e9983f6ea7c47a7f13ab34d6
SHA512

47c94e784ac99a1904eec928d700780bbed450b6935a01fa0fe99d8289ce5b6a4c783db6e16daab78dfcacbe7060212606c0d47b95bd0ae32376e390b9f547c4
SSDEEP

6144:g+lq917GsN8fU+3mKUT2VCuun4cE4TyLvTtqRK94Z:9q91vQU+3mDTIbU4tq4vT444Z

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c5b07b4d969b9d6a47e324f93c7970ccccee8090e9983f6ea7c47a7f13ab34d6
- Size
  
  303KB
- MD5
  
  a971b0ea4901d6911dfb29971d6d538c
- SHA1
  
  ae89f6436049b45975cd72a8be1886e96e7b0f83
- SHA256
  
  c5b07b4d969b9d6a47e324f93c7970ccccee8090e9983f6ea7c47a7f13ab34d6
- SHA512
  
  47c94e784ac99a1904eec928d700780bbed450b6935a01fa0fe99d8289ce5b6a4c783db6e16daab78dfcacbe7060212606c0d47b95bd0ae32376e390b9f547c4
- SSDEEP
  
  6144:g+lq917GsN8fU+3mKUT2VCuun4cE4TyLvTtqRK94Z:9q91vQU+3mDTIbU4tq4vT444Z
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2