a01deced669d9492bc30530ed9e46684dc7bdc1acfe99cb637e899843558522a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a01deced669d9492bc30530ed9e46684dc7bdc1acfe99cb637e899843558522a
Size

296KB
Sample

221129-e28dlseb98
MD5

c22437f21ed934febe7ad663a5e1174e
SHA1

bbd66b464bbb37bb626d54168203a14482e54a92
SHA256

a01deced669d9492bc30530ed9e46684dc7bdc1acfe99cb637e899843558522a
SHA512

8d090ebca9ea24316d175704fe217c271705db75c23b013e290bf2c414c44f8d4949eeb241162d24d600b3dc04245f829018d4e61411c67bd0d7f25e13f05fea
SSDEEP

6144:2o4ksvUGxV8teDa0t8EYk9ECEMnj05RoWfvh8EybgjmT32bA22j:2o8V8teDaZEj7/joRoDjUhAr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a01deced669d9492bc30530ed9e46684dc7bdc1acfe99cb637e899843558522a
- Size
  
  296KB
- MD5
  
  c22437f21ed934febe7ad663a5e1174e
- SHA1
  
  bbd66b464bbb37bb626d54168203a14482e54a92
- SHA256
  
  a01deced669d9492bc30530ed9e46684dc7bdc1acfe99cb637e899843558522a
- SHA512
  
  8d090ebca9ea24316d175704fe217c271705db75c23b013e290bf2c414c44f8d4949eeb241162d24d600b3dc04245f829018d4e61411c67bd0d7f25e13f05fea
- SSDEEP
  
  6144:2o4ksvUGxV8teDa0t8EYk9ECEMnj05RoWfvh8EybgjmT32bA22j:2o8V8teDaZEj7/joRoDjUhAr
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2