73ac4082c72f7fbec2dd31c28085480513e95927fcf0449ed4c6392992393412 | Triage

Sharing

General

Target

73ac4082c72f7fbec2dd31c28085480513e95927fcf0449ed4c6392992393412
Size

660KB
Sample

221201-dtdzcsab73
MD5

c2ba961b46cf1102cff13d11bd86c476
SHA1

8f7dd5ed5fd681a9133811477804b159a7194f03
SHA256

73ac4082c72f7fbec2dd31c28085480513e95927fcf0449ed4c6392992393412
SHA512

b1015bf422b1af6e2990ac00118000c74e0afb0b356f4102b1f07d2da50cc7d4b8d1aa483e777d87541a7c0733518b49db64262430b0b03721f4fd1858e32b67
SSDEEP

12288:jNKy4ghhHYVAe2Z4INVA3pbXB38Vo8pCqbja4TZeO8yc:74ghRYVAe2Z4IDA7sS8JzTZeOj

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  73ac4082c72f7fbec2dd31c28085480513e95927fcf0449ed4c6392992393412
- Size
  
  660KB
- MD5
  
  c2ba961b46cf1102cff13d11bd86c476
- SHA1
  
  8f7dd5ed5fd681a9133811477804b159a7194f03
- SHA256
  
  73ac4082c72f7fbec2dd31c28085480513e95927fcf0449ed4c6392992393412
- SHA512
  
  b1015bf422b1af6e2990ac00118000c74e0afb0b356f4102b1f07d2da50cc7d4b8d1aa483e777d87541a7c0733518b49db64262430b0b03721f4fd1858e32b67
- SSDEEP
  
  12288:jNKy4ghhHYVAe2Z4INVA3pbXB38Vo8pCqbja4TZeO8yc:74ghRYVAe2Z4IDA7sS8JzTZeOj
Score

8^/10

evasion persistence
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence