ad0ed82e7287970540327619496c352949b27db482604da113d62e5369abc1fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad0ed82e7287970540327619496c352949b27db482604da113d62e5369abc1fa
Size

336KB
Sample

221130-3fjp5aed37
MD5

cc61cb3cca3ae9a412c351f2fb671818
SHA1

67263c72ecaf2e5138673b8c45edf35159095d67
SHA256

ad0ed82e7287970540327619496c352949b27db482604da113d62e5369abc1fa
SHA512

480eded6d5f47620c460ddf38f6056c95211a8ba686d72b24a1868e0a8ecb8353e3675724a2ffdfbfed752d3e866fdd19d92b01a3edb793f87ef3cfbf2cdae48
SSDEEP

6144:0zIa9Js+ogiRR0wm8k8lMJGih/0XvraXtAZB42lj9jJLelEGPcXfCvY9wXiQ:Gs+oZR3m8L2Gisja9AZRVilAqvgwd

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ad0ed82e7287970540327619496c352949b27db482604da113d62e5369abc1fa
- Size
  
  336KB
- MD5
  
  cc61cb3cca3ae9a412c351f2fb671818
- SHA1
  
  67263c72ecaf2e5138673b8c45edf35159095d67
- SHA256
  
  ad0ed82e7287970540327619496c352949b27db482604da113d62e5369abc1fa
- SHA512
  
  480eded6d5f47620c460ddf38f6056c95211a8ba686d72b24a1868e0a8ecb8353e3675724a2ffdfbfed752d3e866fdd19d92b01a3edb793f87ef3cfbf2cdae48
- SSDEEP
  
  6144:0zIa9Js+ogiRR0wm8k8lMJGih/0XvraXtAZB42lj9jJLelEGPcXfCvY9wXiQ:Gs+oZR3m8L2Gisja9AZRVilAqvgwd
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2