9bf4c6321ce6f14d3068dcf447457d65d12434bbd4d3a2984b17f56281bbe4de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bf4c6321ce6f14d3068dcf447457d65d12434bbd4d3a2984b17f56281bbe4de
Size

100KB
Sample

221127-nezbvsgd5s
MD5

b8dec0687ff4ce85a300df0b821b444e
SHA1

8385641652c96742ac8827273b10e0e379a8d3e2
SHA256

9bf4c6321ce6f14d3068dcf447457d65d12434bbd4d3a2984b17f56281bbe4de
SHA512

ee38e1c5d66d5655df06d2127445db29ffb0a0bcdd243a98ab94581e2a743a335b936fcf65e58101d8bdf2c72c4e50d4c8a49b34bf8d8940d1540c22127d655d
SSDEEP

768:qz4UHelD5h7sYJdf0EAGzetW5SdMRZ5omsSz9qMkMem0dUAKf6wocuXfsWLopitb:M4qU/7R7z4AimJEkAK5zuXfsagYXY65

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9bf4c6321ce6f14d3068dcf447457d65d12434bbd4d3a2984b17f56281bbe4de
- Size
  
  100KB
- MD5
  
  b8dec0687ff4ce85a300df0b821b444e
- SHA1
  
  8385641652c96742ac8827273b10e0e379a8d3e2
- SHA256
  
  9bf4c6321ce6f14d3068dcf447457d65d12434bbd4d3a2984b17f56281bbe4de
- SHA512
  
  ee38e1c5d66d5655df06d2127445db29ffb0a0bcdd243a98ab94581e2a743a335b936fcf65e58101d8bdf2c72c4e50d4c8a49b34bf8d8940d1540c22127d655d
- SSDEEP
  
  768:qz4UHelD5h7sYJdf0EAGzetW5SdMRZ5omsSz9qMkMem0dUAKf6wocuXfsWLopitb:M4qU/7R7z4AimJEkAK5zuXfsagYXY65
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2