ca7bb8787ca5c97a0236527c7d3225a4bfc25a9e7bbb54e717980c99c0dc2237 | Triage

Sharing

General

Target

ca7bb8787ca5c97a0236527c7d3225a4bfc25a9e7bbb54e717980c99c0dc2237
Size

132KB
Sample

221129-rmjg6aag81
MD5

a0dbec02e61a0cb615463daaabca4004
SHA1

853898dfb4262fbfbb60edbcb6fb9f44d1c14220
SHA256

ca7bb8787ca5c97a0236527c7d3225a4bfc25a9e7bbb54e717980c99c0dc2237
SHA512

e1f08cb4dccea95e11a340bc08426a8913c676f242400ce1fb5dba2cb2668147ffb4cab559edbb4a4670a2f560ab19c868ce674ba687f085c47adc44fdafb4fc
SSDEEP

1536:yd+zAUTXwbuVjaajd21dhOfct0G/yZjigL0q3jBnOgOtOTM/jh81ASGLUI5p1kSQ:YsDwbWxZfct0G/uFjxOHImjCcZXaS4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ca7bb8787ca5c97a0236527c7d3225a4bfc25a9e7bbb54e717980c99c0dc2237
- Size
  
  132KB
- MD5
  
  a0dbec02e61a0cb615463daaabca4004
- SHA1
  
  853898dfb4262fbfbb60edbcb6fb9f44d1c14220
- SHA256
  
  ca7bb8787ca5c97a0236527c7d3225a4bfc25a9e7bbb54e717980c99c0dc2237
- SHA512
  
  e1f08cb4dccea95e11a340bc08426a8913c676f242400ce1fb5dba2cb2668147ffb4cab559edbb4a4670a2f560ab19c868ce674ba687f085c47adc44fdafb4fc
- SSDEEP
  
  1536:yd+zAUTXwbuVjaajd21dhOfct0G/yZjigL0q3jBnOgOtOTM/jh81ASGLUI5p1kSQ:YsDwbWxZfct0G/uFjxOHImjCcZXaS4
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2