56d2850272256c0312f8d6484c69d97dbfa15870a368153fa93734bab829c21b | Triage

Sharing

General

Target

56d2850272256c0312f8d6484c69d97dbfa15870a368153fa93734bab829c21b
Size

359KB
Sample

221129-vx1qzaaa42
MD5

78ea828e9434fbe1ca631f2d812bb603
SHA1

6d24bb6271b60926a2842060f4cca46900833d5f
SHA256

56d2850272256c0312f8d6484c69d97dbfa15870a368153fa93734bab829c21b
SHA512

a19127383ba86e6a649bbd076b88e31167841797b00b2b95a82332f520db998e319dfb4f7edfc18908cf3f1ce26b3332a1e9530d1fe137aabdbadba4911408fe
SSDEEP

6144:03lgk4W2GD/X1ku/xUffWkMk4T5iup7blk2k7uEcldPlLWAfTfb90tTU:VcD/X1//Wnb65lJgk9yAh

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  56d2850272256c0312f8d6484c69d97dbfa15870a368153fa93734bab829c21b
- Size
  
  359KB
- MD5
  
  78ea828e9434fbe1ca631f2d812bb603
- SHA1
  
  6d24bb6271b60926a2842060f4cca46900833d5f
- SHA256
  
  56d2850272256c0312f8d6484c69d97dbfa15870a368153fa93734bab829c21b
- SHA512
  
  a19127383ba86e6a649bbd076b88e31167841797b00b2b95a82332f520db998e319dfb4f7edfc18908cf3f1ce26b3332a1e9530d1fe137aabdbadba4911408fe
- SSDEEP
  
  6144:03lgk4W2GD/X1ku/xUffWkMk4T5iup7blk2k7uEcldPlLWAfTfb90tTU:VcD/X1//Wnb65lJgk9yAh
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2