67830e5ac7559a7b7f705afb083ff463fbadd1c27ee141591bed3be0ebe7a302 | Triage

Sharing

General

Target

67830e5ac7559a7b7f705afb083ff463fbadd1c27ee141591bed3be0ebe7a302
Size

296KB
Sample

221201-ebyfqabf69
MD5

4449c3d216e0f46e75fd4cca1114d864
SHA1

03e7abe4af300ea9f7c210a013429095adc8ba92
SHA256

67830e5ac7559a7b7f705afb083ff463fbadd1c27ee141591bed3be0ebe7a302
SHA512

4c98968b6cf90ff7ab1d94a6aea0df467e72916d66f9b01b5ce3dbb099a78ac39bbc5ecba55accfac3e90df0d425610e6d0326938b1cfc4cac4608cbf1ad3e65
SSDEEP

6144:2o4ksvUGxVteDa0t8EYk2ECEMnj05RoWfvh8EybgjmTw2bA221:2o8VteDaZEo7/joRoDjUUA9

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  67830e5ac7559a7b7f705afb083ff463fbadd1c27ee141591bed3be0ebe7a302
- Size
  
  296KB
- MD5
  
  4449c3d216e0f46e75fd4cca1114d864
- SHA1
  
  03e7abe4af300ea9f7c210a013429095adc8ba92
- SHA256
  
  67830e5ac7559a7b7f705afb083ff463fbadd1c27ee141591bed3be0ebe7a302
- SHA512
  
  4c98968b6cf90ff7ab1d94a6aea0df467e72916d66f9b01b5ce3dbb099a78ac39bbc5ecba55accfac3e90df0d425610e6d0326938b1cfc4cac4608cbf1ad3e65
- SSDEEP
  
  6144:2o4ksvUGxVteDa0t8EYk2ECEMnj05RoWfvh8EybgjmTw2bA221:2o8VteDaZEo7/joRoDjUUA9
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2