51e3964a256a56b3bde6d1089d23e64da698dece292d18f007cb9c840b6f57fb | Triage

Sharing

General

Target

51e3964a256a56b3bde6d1089d23e64da698dece292d18f007cb9c840b6f57fb
Size

96KB
Sample

221129-rm8gaagb99
MD5

38d3d60dd60f03bf35c59ae266b60000
SHA1

9a18b3d2cae630ff28759f68904b3ed21bf7312e
SHA256

51e3964a256a56b3bde6d1089d23e64da698dece292d18f007cb9c840b6f57fb
SHA512

46783358d8ec77ddea3e50cf489b7ec85aceb7f30c2cb1587d1ebf87a65be7737181e9cbeff0e018ec4e5d18e95f7783b7095c84f93b33743d686fdaf71225f1
SSDEEP

1536:y8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:jGH2KRXc3blXmtnitjuJG6SisYQT4b4/

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  51e3964a256a56b3bde6d1089d23e64da698dece292d18f007cb9c840b6f57fb
- Size
  
  96KB
- MD5
  
  38d3d60dd60f03bf35c59ae266b60000
- SHA1
  
  9a18b3d2cae630ff28759f68904b3ed21bf7312e
- SHA256
  
  51e3964a256a56b3bde6d1089d23e64da698dece292d18f007cb9c840b6f57fb
- SHA512
  
  46783358d8ec77ddea3e50cf489b7ec85aceb7f30c2cb1587d1ebf87a65be7737181e9cbeff0e018ec4e5d18e95f7783b7095c84f93b33743d686fdaf71225f1
- SSDEEP
  
  1536:y8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:jGH2KRXc3blXmtnitjuJG6SisYQT4b4/
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2