835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1
Size

311KB
Sample

221129-hjj5vahe9v
MD5

37ef2c7912df52071b0587056f7e56ab
SHA1

a70d749416dfe4cd5556172fa1cbf495af9ae6d8
SHA256

835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1
SHA512

2171ef0a748faabc982a39fd224d0457cdc4f45e5b9bf834bde0da630bfbcb092a3ad5f66e9f22e6399033eb4946ed47d938f15ee92c7c1c03c34af0242595e5
SSDEEP

6144:+79GmVGK9oppWETSml5L1wNaMjLbLKhdulJGbiJJnuyV:0xVGpppWETv1qHDXJnuc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1
- Size
  
  311KB
- MD5
  
  37ef2c7912df52071b0587056f7e56ab
- SHA1
  
  a70d749416dfe4cd5556172fa1cbf495af9ae6d8
- SHA256
  
  835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1
- SHA512
  
  2171ef0a748faabc982a39fd224d0457cdc4f45e5b9bf834bde0da630bfbcb092a3ad5f66e9f22e6399033eb4946ed47d938f15ee92c7c1c03c34af0242595e5
- SSDEEP
  
  6144:+79GmVGK9oppWETSml5L1wNaMjLbLKhdulJGbiJJnuyV:0xVGpppWETv1qHDXJnuc
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2