585467dfb485c4c112c6000d506f7a398a0971af796c90374831e413703db00e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

585467dfb485c4c112c6000d506f7a398a0971af796c90374831e413703db00e
Size

81KB
Sample

221201-eyr78aha6t
MD5

19813cca753771b7e0c67bc6d22c5610
SHA1

95b7a63b11256884285a8f828a9443823b77b1bb
SHA256

585467dfb485c4c112c6000d506f7a398a0971af796c90374831e413703db00e
SHA512

60d2c5099a32e26a1c14ddfb9c5a0793f6ca40b88b3365bd2eba75b1ea95642cee1fd2e84c9d817c1a05347705a2b6785ad4310932182eec9be3d50d6de20bd3
SSDEEP

768:B6Qrox4Gb+nNbsrFpoQNYSCZ+S6Mazz86O30SQSWjIj2BQjreUmPysXBTt8j3jFr:AfqnhsoQNhCZ+oazz/On0QjreUmKuIr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  585467dfb485c4c112c6000d506f7a398a0971af796c90374831e413703db00e
- Size
  
  81KB
- MD5
  
  19813cca753771b7e0c67bc6d22c5610
- SHA1
  
  95b7a63b11256884285a8f828a9443823b77b1bb
- SHA256
  
  585467dfb485c4c112c6000d506f7a398a0971af796c90374831e413703db00e
- SHA512
  
  60d2c5099a32e26a1c14ddfb9c5a0793f6ca40b88b3365bd2eba75b1ea95642cee1fd2e84c9d817c1a05347705a2b6785ad4310932182eec9be3d50d6de20bd3
- SSDEEP
  
  768:B6Qrox4Gb+nNbsrFpoQNYSCZ+S6Mazz86O30SQSWjIj2BQjreUmPysXBTt8j3jFr:AfqnhsoQNhCZ+oazz/On0QjreUmKuIr
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2