8ba30df49f94005822b3d1264121c1ec3ae879fd27f798e58b3608b701d265dd | Triage

Sharing

General

Target

8ba30df49f94005822b3d1264121c1ec3ae879fd27f798e58b3608b701d265dd
Size

93KB
Sample

221201-1btcnafh2z
MD5

c6f5d6270d704db347dc7ced3dd11f50
SHA1

3754660ef16306ce4489e4940ab98e654468588a
SHA256

8ba30df49f94005822b3d1264121c1ec3ae879fd27f798e58b3608b701d265dd
SHA512

eb329315b41f9a844cd86765244a369721ab7908320d5d90a4e76b00bfd8c310e566a9bb225cb69522f145861635a61cb23bbc263515137acc6db1b8363d2601
SSDEEP

1536:CXyvtA0MYL3OpBlHDxpmzVurN4vjWif+Q5ei6HNdsngRIhs2GDm:Cqt+XFpO0OvZfNTgGhhGa

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8ba30df49f94005822b3d1264121c1ec3ae879fd27f798e58b3608b701d265dd
- Size
  
  93KB
- MD5
  
  c6f5d6270d704db347dc7ced3dd11f50
- SHA1
  
  3754660ef16306ce4489e4940ab98e654468588a
- SHA256
  
  8ba30df49f94005822b3d1264121c1ec3ae879fd27f798e58b3608b701d265dd
- SHA512
  
  eb329315b41f9a844cd86765244a369721ab7908320d5d90a4e76b00bfd8c310e566a9bb225cb69522f145861635a61cb23bbc263515137acc6db1b8363d2601
- SSDEEP
  
  1536:CXyvtA0MYL3OpBlHDxpmzVurN4vjWif+Q5ei6HNdsngRIhs2GDm:Cqt+XFpO0OvZfNTgGhhGa
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2