2f2121cf25939e34b18bb9a2a4e12840c73afce4d1af334c4b4249a402931e7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f2121cf25939e34b18bb9a2a4e12840c73afce4d1af334c4b4249a402931e7b
Size

295KB
Sample

221201-gphzasec3v
MD5

2a7310edcc4705ad27a4a8af7f617734
SHA1

cad7f177431225f6d639fd04bda207489dad99e1
SHA256

2f2121cf25939e34b18bb9a2a4e12840c73afce4d1af334c4b4249a402931e7b
SHA512

17892e2701c22f3845c02673f133d6ec9d4f6c39ce0627f053539437824e97aa33cadc9ddccbaba02ec95296e8e9ca3f3d706ce96bbddcf67dc0be27b483e054
SSDEEP

6144:xkbvlMVFcMNoU6iThUKGBYwqcggYMtGprpGwksUIRK42j8ZJyc:GBiThCBY6gTM2rpx+Uyc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2f2121cf25939e34b18bb9a2a4e12840c73afce4d1af334c4b4249a402931e7b
- Size
  
  295KB
- MD5
  
  2a7310edcc4705ad27a4a8af7f617734
- SHA1
  
  cad7f177431225f6d639fd04bda207489dad99e1
- SHA256
  
  2f2121cf25939e34b18bb9a2a4e12840c73afce4d1af334c4b4249a402931e7b
- SHA512
  
  17892e2701c22f3845c02673f133d6ec9d4f6c39ce0627f053539437824e97aa33cadc9ddccbaba02ec95296e8e9ca3f3d706ce96bbddcf67dc0be27b483e054
- SSDEEP
  
  6144:xkbvlMVFcMNoU6iThUKGBYwqcggYMtGprpGwksUIRK42j8ZJyc:GBiThCBY6gTM2rpx+Uyc
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2