b0cd2f54b5e857e58ad7622031e96f9815bf694a373d54413c4c17578fd089a1 | Triage

Sharing

General

Target

b0cd2f54b5e857e58ad7622031e96f9815bf694a373d54413c4c17578fd089a1
Size

1.1MB
Sample

221130-27slnsde85
MD5

bcbf56917932494cd01bb7a700f9b57e
SHA1

790cc2c909a093e8f52544d41b4c75348146ffc0
SHA256

b0cd2f54b5e857e58ad7622031e96f9815bf694a373d54413c4c17578fd089a1
SHA512

96e68ff4b6a68b74d5942b023a55823be0ad3ed398baf8a1e4f2f692f05de8995eea4b923e54dedc0b2d4f093ca3e1c4983fec3e2852d84fce69513963cab4f2
SSDEEP

12288:p7g75OSQVvVRUg4hFkSqnZQF+lluGWt8X8+ZIZ6olP1VmL:utWvVRUzhOdKF+llj6iKZ6oT6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b0cd2f54b5e857e58ad7622031e96f9815bf694a373d54413c4c17578fd089a1
- Size
  
  1.1MB
- MD5
  
  bcbf56917932494cd01bb7a700f9b57e
- SHA1
  
  790cc2c909a093e8f52544d41b4c75348146ffc0
- SHA256
  
  b0cd2f54b5e857e58ad7622031e96f9815bf694a373d54413c4c17578fd089a1
- SHA512
  
  96e68ff4b6a68b74d5942b023a55823be0ad3ed398baf8a1e4f2f692f05de8995eea4b923e54dedc0b2d4f093ca3e1c4983fec3e2852d84fce69513963cab4f2
- SSDEEP
  
  12288:p7g75OSQVvVRUg4hFkSqnZQF+lluGWt8X8+ZIZ6olP1VmL:utWvVRUzhOdKF+llj6iKZ6oT6
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2