9a1e0ec6ca0fbf49384efdb8be759378841602e554ba0528df1de9f8693081eb | Triage

Sharing

General

Target

9a1e0ec6ca0fbf49384efdb8be759378841602e554ba0528df1de9f8693081eb
Size

322KB
Sample

221201-a1demadb6w
MD5

d5d3abf7f6bf92c36a27657b957f1eda
SHA1

00bdb05ae85f15573168ae2b5c0ea17fc5f65ef3
SHA256

9a1e0ec6ca0fbf49384efdb8be759378841602e554ba0528df1de9f8693081eb
SHA512

aa8ee7077f9a6f0950d684ce2f6e6fe2f42987c3f065ecb66ebceb81dbc26127011476b958c8a7602302fc874452f25703752c4322112e9a8de1973e59a0b6bc
SSDEEP

6144:f5ADU35zeQ0R7+28O86sgg/QNpZmoZkdkCVLeC2wuJv8200XRRvD+S6GbEJXuh4X:xEa5zeD7+q/mIkdUvV0qRRL76zj

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9a1e0ec6ca0fbf49384efdb8be759378841602e554ba0528df1de9f8693081eb
- Size
  
  322KB
- MD5
  
  d5d3abf7f6bf92c36a27657b957f1eda
- SHA1
  
  00bdb05ae85f15573168ae2b5c0ea17fc5f65ef3
- SHA256
  
  9a1e0ec6ca0fbf49384efdb8be759378841602e554ba0528df1de9f8693081eb
- SHA512
  
  aa8ee7077f9a6f0950d684ce2f6e6fe2f42987c3f065ecb66ebceb81dbc26127011476b958c8a7602302fc874452f25703752c4322112e9a8de1973e59a0b6bc
- SSDEEP
  
  6144:f5ADU35zeQ0R7+28O86sgg/QNpZmoZkdkCVLeC2wuJv8200XRRvD+S6GbEJXuh4X:xEa5zeD7+q/mIkdUvV0qRRL76zj
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2