339303f2601d162e89999e736e5316e4110a79d84952fbc566d6145c10750640 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

339303f2601d162e89999e736e5316e4110a79d84952fbc566d6145c10750640
Size

301KB
Sample

221201-gkcxgsad52
MD5

ca7ba4aa4ae3a6d64b047694cf5126d0
SHA1

39b564247e0400829b4c805de0fe9e7f25b34b24
SHA256

339303f2601d162e89999e736e5316e4110a79d84952fbc566d6145c10750640
SHA512

98284724b11c3a87176c4d2c82e06a9f7c791d7ca3e6f7a9a6a4e53120f97a96d74b38d3833fcf7500c0cd090a835c3bce00136683b31cef0e2353ff0b4f29a1
SSDEEP

6144:6QTMFsmOUKWs1IJG0uGtVFMhAbmPJ703sZsKtW6Eag2s:6QyjKr1IJLzMhkmh776KtW6Ex

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  339303f2601d162e89999e736e5316e4110a79d84952fbc566d6145c10750640
- Size
  
  301KB
- MD5
  
  ca7ba4aa4ae3a6d64b047694cf5126d0
- SHA1
  
  39b564247e0400829b4c805de0fe9e7f25b34b24
- SHA256
  
  339303f2601d162e89999e736e5316e4110a79d84952fbc566d6145c10750640
- SHA512
  
  98284724b11c3a87176c4d2c82e06a9f7c791d7ca3e6f7a9a6a4e53120f97a96d74b38d3833fcf7500c0cd090a835c3bce00136683b31cef0e2353ff0b4f29a1
- SSDEEP
  
  6144:6QTMFsmOUKWs1IJG0uGtVFMhAbmPJ703sZsKtW6Eag2s:6QyjKr1IJLzMhkmh776KtW6Ex
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2