8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c | Triage

Sharing

General

Target

8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c
Size

115KB
Sample

221127-t3vw8sca25
MD5

f92a5666ea36c16b839e87950e4d6ed9
SHA1

55c32079ec63bc4d1a9e8fd33ba829e463eab0b2
SHA256

8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c
SHA512

2ceecf7c1181c256c45d81db084a7a8b3c4d6b1c27c91acbd7495581c892ae167859d22b90f9b1db44e2da28f594ffab73678866d957a2f4bcb223e270c92c87
SSDEEP

3072:CtJlBQjQbrxBSvp7PBEYcORIOCBSqIEkCtQ:OJnQEqPBdXRWSNjX

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c
- Size
  
  115KB
- MD5
  
  f92a5666ea36c16b839e87950e4d6ed9
- SHA1
  
  55c32079ec63bc4d1a9e8fd33ba829e463eab0b2
- SHA256
  
  8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c
- SHA512
  
  2ceecf7c1181c256c45d81db084a7a8b3c4d6b1c27c91acbd7495581c892ae167859d22b90f9b1db44e2da28f594ffab73678866d957a2f4bcb223e270c92c87
- SSDEEP
  
  3072:CtJlBQjQbrxBSvp7PBEYcORIOCBSqIEkCtQ:OJnQEqPBdXRWSNjX
Score

7^/10

persistence
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2