89bcef8a8c565c40fba0f3a78345410324455de48f218023ab1186f465fdc2b4 | Triage

Sharing

General

Target

89bcef8a8c565c40fba0f3a78345410324455de48f218023ab1186f465fdc2b4
Size

284KB
Sample

221201-b9ymlade63
MD5

0b47294f05f30ea08acecf30cc8fcfca
SHA1

17987a237843137ed1a33c062982aa3703302433
SHA256

89bcef8a8c565c40fba0f3a78345410324455de48f218023ab1186f465fdc2b4
SHA512

8e5b90ce19f176f46033ce2be9252e652755c5d32761169e1b19a5efc8211c5cfe87e980c9ce1b930c24bc8ce537ca3e4bdceab4d74ff6b894b3dfccb3433f53
SSDEEP

6144:QaP/gZ90JpU28YMWTHSX1Nb+lPRyqHV2yJAZlj+hIzv/1:3/gI62dMW7m+F3HV2SA7v/1

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  89bcef8a8c565c40fba0f3a78345410324455de48f218023ab1186f465fdc2b4
- Size
  
  284KB
- MD5
  
  0b47294f05f30ea08acecf30cc8fcfca
- SHA1
  
  17987a237843137ed1a33c062982aa3703302433
- SHA256
  
  89bcef8a8c565c40fba0f3a78345410324455de48f218023ab1186f465fdc2b4
- SHA512
  
  8e5b90ce19f176f46033ce2be9252e652755c5d32761169e1b19a5efc8211c5cfe87e980c9ce1b930c24bc8ce537ca3e4bdceab4d74ff6b894b3dfccb3433f53
- SSDEEP
  
  6144:QaP/gZ90JpU28YMWTHSX1Nb+lPRyqHV2yJAZlj+hIzv/1:3/gI62dMW7m+F3HV2SA7v/1
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2