37878d91dfae1dcd872bb01e5f26ff52248d3730b01b2e24136e8d2ee19e76f1 | Triage

Sharing

General

Target

37878d91dfae1dcd872bb01e5f26ff52248d3730b01b2e24136e8d2ee19e76f1
Size

325KB
Sample

221201-fr516sbe5x
MD5

9a94953874acd465d88fa206b7345e30
SHA1

1cb7b0e8406d58137fc474527de266602a56a077
SHA256

37878d91dfae1dcd872bb01e5f26ff52248d3730b01b2e24136e8d2ee19e76f1
SHA512

b1e6e9819a56e15f03dc9f3760a1e0d36d72ea20e16f49a7ed3ec79c2ea1b20b701a1065ad0d2f611c17b020b47dee2a196dccf2015bc37fbe6bcdd4c593e94b
SSDEEP

6144:OFq4nHcdPGhy6W7i7zR6itxuP9e6JhRxVyit4DfiYw+o5Pa5:OFq4nHcdehgWvRtHk9e6bfbYa7k

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  37878d91dfae1dcd872bb01e5f26ff52248d3730b01b2e24136e8d2ee19e76f1
- Size
  
  325KB
- MD5
  
  9a94953874acd465d88fa206b7345e30
- SHA1
  
  1cb7b0e8406d58137fc474527de266602a56a077
- SHA256
  
  37878d91dfae1dcd872bb01e5f26ff52248d3730b01b2e24136e8d2ee19e76f1
- SHA512
  
  b1e6e9819a56e15f03dc9f3760a1e0d36d72ea20e16f49a7ed3ec79c2ea1b20b701a1065ad0d2f611c17b020b47dee2a196dccf2015bc37fbe6bcdd4c593e94b
- SSDEEP
  
  6144:OFq4nHcdPGhy6W7i7zR6itxuP9e6JhRxVyit4DfiYw+o5Pa5:OFq4nHcdehgWvRtHk9e6bfbYa7k
Score

8^/10

persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2