364bfebaddfec28d91be5cc4b581d70f4c3eef54d762d9c0334c8369be1434b0 | Triage

Sharing

General

Target

364bfebaddfec28d91be5cc4b581d70f4c3eef54d762d9c0334c8369be1434b0
Size

221KB
Sample

221128-p4vkmsdh89
MD5

611e0560188969634971c89761f8d370
SHA1

26daccae5bcf07a1bceb4587081bc8e550a61e31
SHA256

364bfebaddfec28d91be5cc4b581d70f4c3eef54d762d9c0334c8369be1434b0
SHA512

ff6b25e78b9974872a72725713d015d213ba9b54857e357007583e16f64f14ea6123b38ca3f93c19f8c9b2313799db19e31c9a8d1a23b8b20d97631d18fc4f32
SSDEEP

3072:sEgxtQz3eD0QS4XMQD0Kn2+aBs9Q2XHxbaIZgsBrDX5g5IAYDk3CARujqXUdlxGr:vTlM0JsK2XJnZgkrxDk3kGk2AOv7

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  364bfebaddfec28d91be5cc4b581d70f4c3eef54d762d9c0334c8369be1434b0
- Size
  
  221KB
- MD5
  
  611e0560188969634971c89761f8d370
- SHA1
  
  26daccae5bcf07a1bceb4587081bc8e550a61e31
- SHA256
  
  364bfebaddfec28d91be5cc4b581d70f4c3eef54d762d9c0334c8369be1434b0
- SHA512
  
  ff6b25e78b9974872a72725713d015d213ba9b54857e357007583e16f64f14ea6123b38ca3f93c19f8c9b2313799db19e31c9a8d1a23b8b20d97631d18fc4f32
- SSDEEP
  
  3072:sEgxtQz3eD0QS4XMQD0Kn2+aBs9Q2XHxbaIZgsBrDX5g5IAYDk3CARujqXUdlxGr:vTlM0JsK2XJnZgkrxDk3kGk2AOv7
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2