868ca7f79b5327da8e800aafa25369bd7d8d41cdad0fa51a7c673323a13330af | Triage

Sharing

General

Target

868ca7f79b5327da8e800aafa25369bd7d8d41cdad0fa51a7c673323a13330af
Size

150KB
Sample

221201-b7cx4sgf7w
MD5

e45bd9921d9f8f7adfe808033e03363c
SHA1

7fb4fe3208006004543839553c044c2bca0e5a23
SHA256

868ca7f79b5327da8e800aafa25369bd7d8d41cdad0fa51a7c673323a13330af
SHA512

d9046461d0d863dff4be0a3d2b941a583d826e699a0223449959108a55bac036053fb771c2797f1ec06f01625040b7668dd0b9991a9881f324b3e05a79276af0
SSDEEP

3072:7HOY7lFdY557iC5tMMHKHdz6Ul7zE1NYYcYtdd1oJbbdds:7HZ3C57pjrHQ4+rYWr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  868ca7f79b5327da8e800aafa25369bd7d8d41cdad0fa51a7c673323a13330af
- Size
  
  150KB
- MD5
  
  e45bd9921d9f8f7adfe808033e03363c
- SHA1
  
  7fb4fe3208006004543839553c044c2bca0e5a23
- SHA256
  
  868ca7f79b5327da8e800aafa25369bd7d8d41cdad0fa51a7c673323a13330af
- SHA512
  
  d9046461d0d863dff4be0a3d2b941a583d826e699a0223449959108a55bac036053fb771c2797f1ec06f01625040b7668dd0b9991a9881f324b3e05a79276af0
- SSDEEP
  
  3072:7HOY7lFdY557iC5tMMHKHdz6Ul7zE1NYYcYtdd1oJbbdds:7HZ3C57pjrHQ4+rYWr
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2