1348df1d2e6b1579a03e3e726e6e74fe664887edfc2a38a9ae8fbe0f34c7368f | Triage

Sharing

General

Target

1348df1d2e6b1579a03e3e726e6e74fe664887edfc2a38a9ae8fbe0f34c7368f
Size

270KB
Sample

221128-fzkp7sha93
MD5

8989ee84238b60f0fc843d5c546656bf
SHA1

06d5a2156f27dcc458becd5402fe45e1979173c5
SHA256

1348df1d2e6b1579a03e3e726e6e74fe664887edfc2a38a9ae8fbe0f34c7368f
SHA512

48fea39e8a3f9c42ba1d98e17acc758ceb3ab4460a8310096c11c8fc751c212c2faa35887661efea4c67321cf9b88911d2e3a262b7916e7b5db60051a48d2128
SSDEEP

6144:etjpLGqvoArlO+Beic2/pWTxq/fnx7GDrRcJIcxyCq0hzfM:27vo8yVq/PERcHxywM

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1348df1d2e6b1579a03e3e726e6e74fe664887edfc2a38a9ae8fbe0f34c7368f
- Size
  
  270KB
- MD5
  
  8989ee84238b60f0fc843d5c546656bf
- SHA1
  
  06d5a2156f27dcc458becd5402fe45e1979173c5
- SHA256
  
  1348df1d2e6b1579a03e3e726e6e74fe664887edfc2a38a9ae8fbe0f34c7368f
- SHA512
  
  48fea39e8a3f9c42ba1d98e17acc758ceb3ab4460a8310096c11c8fc751c212c2faa35887661efea4c67321cf9b88911d2e3a262b7916e7b5db60051a48d2128
- SSDEEP
  
  6144:etjpLGqvoArlO+Beic2/pWTxq/fnx7GDrRcJIcxyCq0hzfM:27vo8yVq/PERcHxywM
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2