81b80371e4d43b28f987e6aba242b08175cf4ffea8038d28df97c15b66967d53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81b80371e4d43b28f987e6aba242b08175cf4ffea8038d28df97c15b66967d53
Size

122KB
Sample

221201-l2ngrsbg7z
MD5

a3f2f862d76b717a639cf48cfaa159e3
SHA1

81257db3f852e60f42bce8e82f254e90a989ed21
SHA256

81b80371e4d43b28f987e6aba242b08175cf4ffea8038d28df97c15b66967d53
SHA512

26beaa38eb81e4bbd4096b8efbff17f57d86ac9709ae49a37d50aa789b4d53d30eacaeae6de197fed8991dcfcc6bdaa106e7fad1239695a4c52976699cc6207c
SSDEEP

1536:MXXosVRgm2GkTysXSBfLmWLt077BD96iMW1JbGQ/IRSi9QSXHxThiF6uKeoUCBq:MTbxpB65BZRMCJaEIYi9QS5eoUCBq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  81b80371e4d43b28f987e6aba242b08175cf4ffea8038d28df97c15b66967d53
- Size
  
  122KB
- MD5
  
  a3f2f862d76b717a639cf48cfaa159e3
- SHA1
  
  81257db3f852e60f42bce8e82f254e90a989ed21
- SHA256
  
  81b80371e4d43b28f987e6aba242b08175cf4ffea8038d28df97c15b66967d53
- SHA512
  
  26beaa38eb81e4bbd4096b8efbff17f57d86ac9709ae49a37d50aa789b4d53d30eacaeae6de197fed8991dcfcc6bdaa106e7fad1239695a4c52976699cc6207c
- SSDEEP
  
  1536:MXXosVRgm2GkTysXSBfLmWLt077BD96iMW1JbGQ/IRSi9QSXHxThiF6uKeoUCBq:MTbxpB65BZRMCJaEIYi9QS5eoUCBq
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2