17d50f2a10ad166bdf18faefcead14211f738f71b2ab777296b6cb0f72cada34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17d50f2a10ad166bdf18faefcead14211f738f71b2ab777296b6cb0f72cada34
Size

429KB
Sample

221129-mpws2seb51
MD5

7fc7a09524a8569c3ad1069546b30c8f
SHA1

50d4952c98da345de3746eda9ae2a7ee4e7d0fe3
SHA256

17d50f2a10ad166bdf18faefcead14211f738f71b2ab777296b6cb0f72cada34
SHA512

925984278ef3f82bc65d8918422762895f6d349622ecb942f3140e8dcfe816d410e2c72eb413b498624211a54476d46ba83679ceed361b317833a9ccc02a1f64
SSDEEP

12288:oucxVT7MoXLZzrSGFVaraq7wvMrdrsnzuGPhMHLNWjI:W3Zzva2q7wnzug2Hb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  17d50f2a10ad166bdf18faefcead14211f738f71b2ab777296b6cb0f72cada34
- Size
  
  429KB
- MD5
  
  7fc7a09524a8569c3ad1069546b30c8f
- SHA1
  
  50d4952c98da345de3746eda9ae2a7ee4e7d0fe3
- SHA256
  
  17d50f2a10ad166bdf18faefcead14211f738f71b2ab777296b6cb0f72cada34
- SHA512
  
  925984278ef3f82bc65d8918422762895f6d349622ecb942f3140e8dcfe816d410e2c72eb413b498624211a54476d46ba83679ceed361b317833a9ccc02a1f64
- SSDEEP
  
  12288:oucxVT7MoXLZzrSGFVaraq7wvMrdrsnzuGPhMHLNWjI:W3Zzva2q7wnzug2Hb
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2