a0ab54634c2cfcfffe61bdbd6b648cc512b2cceb8d4eab5ce072862ef874d5d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0ab54634c2cfcfffe61bdbd6b648cc512b2cceb8d4eab5ce072862ef874d5d0
Size

96KB
Sample

221129-rm1rfaah5t
MD5

7b9eb8dbfb09f4613961764ed4d3be75
SHA1

1b18b773fc9284b7bf9a40c2648bd8443c37ec71
SHA256

a0ab54634c2cfcfffe61bdbd6b648cc512b2cceb8d4eab5ce072862ef874d5d0
SHA512

4c5646015b225e7eed0ec49a8b2bfc35f8c5857196282f486af4a91f6bfd4d8d1ec2fd3e4808eb23548871aed632fea7f16e18d4fee11d9a4227bb3f606ab054
SSDEEP

1536:C8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:TGH2KRXc3blXmtnitjuJG6SisYQT4b4/

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a0ab54634c2cfcfffe61bdbd6b648cc512b2cceb8d4eab5ce072862ef874d5d0
- Size
  
  96KB
- MD5
  
  7b9eb8dbfb09f4613961764ed4d3be75
- SHA1
  
  1b18b773fc9284b7bf9a40c2648bd8443c37ec71
- SHA256
  
  a0ab54634c2cfcfffe61bdbd6b648cc512b2cceb8d4eab5ce072862ef874d5d0
- SHA512
  
  4c5646015b225e7eed0ec49a8b2bfc35f8c5857196282f486af4a91f6bfd4d8d1ec2fd3e4808eb23548871aed632fea7f16e18d4fee11d9a4227bb3f606ab054
- SSDEEP
  
  1536:C8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:TGH2KRXc3blXmtnitjuJG6SisYQT4b4/
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2