c6b1ea1dc17260a09c0b277a766ecdc73c3257f318bc00fbec95bd9fca48ce24 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6b1ea1dc17260a09c0b277a766ecdc73c3257f318bc00fbec95bd9fca48ce24
Size

126KB
Sample

221127-qy43kabf65
MD5

ea272cc0a9e2e49a5fa04f4ea04baef4
SHA1

54f79b4233a7981e72e6a2bffeb9dfb2cb913d35
SHA256

c6b1ea1dc17260a09c0b277a766ecdc73c3257f318bc00fbec95bd9fca48ce24
SHA512

277f8fca063f69755068d87d03d44c6819c91f7ec7e349fe8b5e83f3b71c9ab754933b927a5bd586c23108873ca589eea3f9a22a358906a62ce19a1560a8d3ae
SSDEEP

1536:2UBGDs5dcfacfNogEJ/0MvC3sNpxuhvQ7jsSj9J4OmjzH1DAanaamScEUFQTPCMu:2I5d0fNLOP68NpEvQntBHKHR5nIiaMmD

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c6b1ea1dc17260a09c0b277a766ecdc73c3257f318bc00fbec95bd9fca48ce24
- Size
  
  126KB
- MD5
  
  ea272cc0a9e2e49a5fa04f4ea04baef4
- SHA1
  
  54f79b4233a7981e72e6a2bffeb9dfb2cb913d35
- SHA256
  
  c6b1ea1dc17260a09c0b277a766ecdc73c3257f318bc00fbec95bd9fca48ce24
- SHA512
  
  277f8fca063f69755068d87d03d44c6819c91f7ec7e349fe8b5e83f3b71c9ab754933b927a5bd586c23108873ca589eea3f9a22a358906a62ce19a1560a8d3ae
- SSDEEP
  
  1536:2UBGDs5dcfacfNogEJ/0MvC3sNpxuhvQ7jsSj9J4OmjzH1DAanaamScEUFQTPCMu:2I5d0fNLOP68NpEvQntBHKHR5nIiaMmD
Score

7^/10

persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2