7144b3dd01d39d06cff4b2dd48b62eabacaf62d6832c18421a2a78ef05b03572 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7144b3dd01d39d06cff4b2dd48b62eabacaf62d6832c18421a2a78ef05b03572
Size

96KB
Sample

221201-l3tp6sgd66
MD5

64a86299679130efe74e20beec06e233
SHA1

c4299a8819d22b3036f8056608a78ae5074af8cd
SHA256

7144b3dd01d39d06cff4b2dd48b62eabacaf62d6832c18421a2a78ef05b03572
SHA512

58c5369c63fc61eb2335e11fdf94d9dcbfa950007827559d55081154522a5f7168b8a1f6480f70a17bfc2f815a382bf335cb55220cb8d2b82050475450305852
SSDEEP

1536:o8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:pGH2KRXc3blXmtnitjuJG6SisYQT4b4/

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7144b3dd01d39d06cff4b2dd48b62eabacaf62d6832c18421a2a78ef05b03572
- Size
  
  96KB
- MD5
  
  64a86299679130efe74e20beec06e233
- SHA1
  
  c4299a8819d22b3036f8056608a78ae5074af8cd
- SHA256
  
  7144b3dd01d39d06cff4b2dd48b62eabacaf62d6832c18421a2a78ef05b03572
- SHA512
  
  58c5369c63fc61eb2335e11fdf94d9dcbfa950007827559d55081154522a5f7168b8a1f6480f70a17bfc2f815a382bf335cb55220cb8d2b82050475450305852
- SSDEEP
  
  1536:o8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:pGH2KRXc3blXmtnitjuJG6SisYQT4b4/
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2