c33819f3242447a700cbf637c86f1b17edc86dbf996e2111dc66d622fb081d7b | Triage

Sharing

General

Target

c33819f3242447a700cbf637c86f1b17edc86dbf996e2111dc66d622fb081d7b
Size

509KB
Sample

221128-ahwhgsed3s
MD5

f204e299cbfbfe1634e9027f91071a36
SHA1

5483848741d191789131d9e399862b13bdfade50
SHA256

c33819f3242447a700cbf637c86f1b17edc86dbf996e2111dc66d622fb081d7b
SHA512

31648706b3da42a8f068efed80113d480e7ad709bc009ea79f142ce87a7d476eaf803651c3f67850d62ddba5c27ecb52c70db85379c4d13e236b58dd38919387
SSDEEP

6144:oKWnSagcHlT3xXlaOcmTo+ujGnA7vDCt3U8HRT6nWN:oKWSTcF7rFm0yCpRT6nQ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c33819f3242447a700cbf637c86f1b17edc86dbf996e2111dc66d622fb081d7b
- Size
  
  509KB
- MD5
  
  f204e299cbfbfe1634e9027f91071a36
- SHA1
  
  5483848741d191789131d9e399862b13bdfade50
- SHA256
  
  c33819f3242447a700cbf637c86f1b17edc86dbf996e2111dc66d622fb081d7b
- SHA512
  
  31648706b3da42a8f068efed80113d480e7ad709bc009ea79f142ce87a7d476eaf803651c3f67850d62ddba5c27ecb52c70db85379c4d13e236b58dd38919387
- SSDEEP
  
  6144:oKWnSagcHlT3xXlaOcmTo+ujGnA7vDCt3U8HRT6nWN:oKWSTcF7rFm0yCpRT6nQ
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2