General

  • Target

    8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c

  • Size

    115KB

  • Sample

    221127-t3vw8sca25

  • MD5

    f92a5666ea36c16b839e87950e4d6ed9

  • SHA1

    55c32079ec63bc4d1a9e8fd33ba829e463eab0b2

  • SHA256

    8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c

  • SHA512

    2ceecf7c1181c256c45d81db084a7a8b3c4d6b1c27c91acbd7495581c892ae167859d22b90f9b1db44e2da28f594ffab73678866d957a2f4bcb223e270c92c87

  • SSDEEP

    3072:CtJlBQjQbrxBSvp7PBEYcORIOCBSqIEkCtQ:OJnQEqPBdXRWSNjX

Score
7/10

Malware Config

Targets

    • Target

      8d2d3f159b35b648de8d1d1c83a1a0ece50cd2a00cf1063a8b4134b8bf3e342c

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

  • Persistence

    Registry Run Keys / Startup Folder (T1060): 1

  • Defense Evasion

    Modify Registry (T1112): 1

Tasks