51ffa2dcdf201e0cce0f69a55f5693d6fcd911c13748b6b73538ceaea783c30f | Triage

Sharing

General

Target

51ffa2dcdf201e0cce0f69a55f5693d6fcd911c13748b6b73538ceaea783c30f
Size

135KB
Sample

221128-g127babg44
MD5

264f0123ad62061dcd9b1c278c5220af
SHA1

0e8768201067d9b905722f6e5a7be0c542baad75
SHA256

51ffa2dcdf201e0cce0f69a55f5693d6fcd911c13748b6b73538ceaea783c30f
SHA512

115aabb6936714301accf51e6c3138c307559753ab3d0cf39c2931a31c91299d2e0d8ad784bd7a7e4b128f830165f1e5d9200ac11124cd4bd7994f785e19f1db
SSDEEP

3072:XBxb11BUetVLzYJRWK4X3XCojxsKAOPL64784VV:xxb19LzYJRWXnxjxs4PL64pV

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  51ffa2dcdf201e0cce0f69a55f5693d6fcd911c13748b6b73538ceaea783c30f
- Size
  
  135KB
- MD5
  
  264f0123ad62061dcd9b1c278c5220af
- SHA1
  
  0e8768201067d9b905722f6e5a7be0c542baad75
- SHA256
  
  51ffa2dcdf201e0cce0f69a55f5693d6fcd911c13748b6b73538ceaea783c30f
- SHA512
  
  115aabb6936714301accf51e6c3138c307559753ab3d0cf39c2931a31c91299d2e0d8ad784bd7a7e4b128f830165f1e5d9200ac11124cd4bd7994f785e19f1db
- SSDEEP
  
  3072:XBxb11BUetVLzYJRWK4X3XCojxsKAOPL64784VV:xxb19LzYJRWXnxjxs4PL64pV
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2