0a027b43538a519415eb61d1639bbf3ce2f04a5f3b40fa4fe1cc79e39c0a77d5 | Triage

Sharing

General

Target

0a027b43538a519415eb61d1639bbf3ce2f04a5f3b40fa4fe1cc79e39c0a77d5
Size

75KB
Sample

221128-a6ke5aga8t
MD5

2385b5e60a99a4a48ad81ab00fd88a9e
SHA1

fc943d9c1f864abc3e127dd673d1b3f930fda4bc
SHA256

0a027b43538a519415eb61d1639bbf3ce2f04a5f3b40fa4fe1cc79e39c0a77d5
SHA512

80da4935872f2ae3d876b109fe567b9d5f5476a1a12626bbbf1bb727d36237a8d26e473f0952108601833c46d19b0d7dbaa2b5bc828a9721deda8b3547c9a8e3
SSDEEP

1536:af44Z1YoL2vupxF4E1U7T63MYDc96EEUqN44Nilt6H:af447zKmpIoDM8ys

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0a027b43538a519415eb61d1639bbf3ce2f04a5f3b40fa4fe1cc79e39c0a77d5
- Size
  
  75KB
- MD5
  
  2385b5e60a99a4a48ad81ab00fd88a9e
- SHA1
  
  fc943d9c1f864abc3e127dd673d1b3f930fda4bc
- SHA256
  
  0a027b43538a519415eb61d1639bbf3ce2f04a5f3b40fa4fe1cc79e39c0a77d5
- SHA512
  
  80da4935872f2ae3d876b109fe567b9d5f5476a1a12626bbbf1bb727d36237a8d26e473f0952108601833c46d19b0d7dbaa2b5bc828a9721deda8b3547c9a8e3
- SSDEEP
  
  1536:af44Z1YoL2vupxF4E1U7T63MYDc96EEUqN44Nilt6H:af447zKmpIoDM8ys
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2