57f97d1e53350ff7c4d9c9fc8cfe8e0d6bfcc6e620b29050bd0170c8e801a07f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57f97d1e53350ff7c4d9c9fc8cfe8e0d6bfcc6e620b29050bd0170c8e801a07f
Size

454KB
Sample

221201-ey79fade62
MD5

23a6dcd59e3002ed0943c7db1b7c8f73
SHA1

14593e793ad0bb14251da90481d53001885e3bc8
SHA256

57f97d1e53350ff7c4d9c9fc8cfe8e0d6bfcc6e620b29050bd0170c8e801a07f
SHA512

3a13205f47fd1a202451af1cb49d4037a62f0784f2f6c5e0639d1900b8df064abb5a15dba9fa7b637d37611d71013dfd37d37489d6a586f6f581b02882743ffc
SSDEEP

6144:o2Kgo6ZWWeTfIE11KjyU5GUvvbwN+r+hOeG5FQGUP3ExX:o96ZWWwIEvKr5GfNMeG5Sk

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  57f97d1e53350ff7c4d9c9fc8cfe8e0d6bfcc6e620b29050bd0170c8e801a07f
- Size
  
  454KB
- MD5
  
  23a6dcd59e3002ed0943c7db1b7c8f73
- SHA1
  
  14593e793ad0bb14251da90481d53001885e3bc8
- SHA256
  
  57f97d1e53350ff7c4d9c9fc8cfe8e0d6bfcc6e620b29050bd0170c8e801a07f
- SHA512
  
  3a13205f47fd1a202451af1cb49d4037a62f0784f2f6c5e0639d1900b8df064abb5a15dba9fa7b637d37611d71013dfd37d37489d6a586f6f581b02882743ffc
- SSDEEP
  
  6144:o2Kgo6ZWWeTfIE11KjyU5GUvvbwN+r+hOeG5FQGUP3ExX:o96ZWWwIEvKr5GfNMeG5Sk
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2