9dab1a55065e0eff51e2653e5f4c2c36a0e2d894f3cf96c35a9ceda5aa77599a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9dab1a55065e0eff51e2653e5f4c2c36a0e2d894f3cf96c35a9ceda5aa77599a
Size

445KB
Sample

221129-e6mygaee82
MD5

87294439fa4ab790ef8eced8e5e94ba2
SHA1

1cf53fd1a815e75eae268ad13fe9e1309f427647
SHA256

9dab1a55065e0eff51e2653e5f4c2c36a0e2d894f3cf96c35a9ceda5aa77599a
SHA512

3b52cd3530b3b9354c95df2b3dd426f1697a9b093a19b37c302048234e95f0a824eea562619fec4f5af8fc4bf67f130f11f2a76c47247d029e4de3c751e1c219
SSDEEP

12288:fyXwlhd+C5IxJ845HYV5sxOH/cccccccevliPq:fVlvav84a5sxC

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9dab1a55065e0eff51e2653e5f4c2c36a0e2d894f3cf96c35a9ceda5aa77599a
- Size
  
  445KB
- MD5
  
  87294439fa4ab790ef8eced8e5e94ba2
- SHA1
  
  1cf53fd1a815e75eae268ad13fe9e1309f427647
- SHA256
  
  9dab1a55065e0eff51e2653e5f4c2c36a0e2d894f3cf96c35a9ceda5aa77599a
- SHA512
  
  3b52cd3530b3b9354c95df2b3dd426f1697a9b093a19b37c302048234e95f0a824eea562619fec4f5af8fc4bf67f130f11f2a76c47247d029e4de3c751e1c219
- SSDEEP
  
  12288:fyXwlhd+C5IxJ845HYV5sxOH/cccccccevliPq:fVlvav84a5sxC
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2