673f059543ca64c1b4ce22781da4c71db7cfc0205cef2ab71b904ef01c6ab3e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

673f059543ca64c1b4ce22781da4c71db7cfc0205cef2ab71b904ef01c6ab3e5
Size

1.1MB
Sample

221127-tstleseg4x
MD5

19cb035b93aed10c3834f828e6dd9f6b
SHA1

ea598f2dc47d1fabd0285a66b3af9e760242b80c
SHA256

673f059543ca64c1b4ce22781da4c71db7cfc0205cef2ab71b904ef01c6ab3e5
SHA512

4aabfd3d7a21666f99e6f1e0150ef38834663da40e9555b2adfaf13f759e63d32a43c543b814797e76d3fe535bc3dd4d238b4c081b6c1582b93dce251b2e3594
SSDEEP

24576:gFARgOEDvJxoJCOKai9AGBtZFR9pVhvJ14qgFWZS/M3vLwk8RKA/tJHeqnJq6wHy:tEDDoJCOKaiaGBtZFR9pVhvJ14qgFWZa

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  673f059543ca64c1b4ce22781da4c71db7cfc0205cef2ab71b904ef01c6ab3e5
- Size
  
  1.1MB
- MD5
  
  19cb035b93aed10c3834f828e6dd9f6b
- SHA1
  
  ea598f2dc47d1fabd0285a66b3af9e760242b80c
- SHA256
  
  673f059543ca64c1b4ce22781da4c71db7cfc0205cef2ab71b904ef01c6ab3e5
- SHA512
  
  4aabfd3d7a21666f99e6f1e0150ef38834663da40e9555b2adfaf13f759e63d32a43c543b814797e76d3fe535bc3dd4d238b4c081b6c1582b93dce251b2e3594
- SSDEEP
  
  24576:gFARgOEDvJxoJCOKai9AGBtZFR9pVhvJ14qgFWZS/M3vLwk8RKA/tJHeqnJq6wHy:tEDDoJCOKaiaGBtZFR9pVhvJ14qgFWZa
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2