c6bb9e82971147e80f3ecae9e3ab1281a45e79b28a1bf6989856ca0b021f4947 | Triage

Sharing

General

Target

c6bb9e82971147e80f3ecae9e3ab1281a45e79b28a1bf6989856ca0b021f4947
Size

96KB
Sample

221201-l5b8xaca8w
MD5

8ad8feb6996642a751dc3979c1cc527f
SHA1

838adaf728ab925d46d31b47d40aa5ea7831f5f5
SHA256

c6bb9e82971147e80f3ecae9e3ab1281a45e79b28a1bf6989856ca0b021f4947
SHA512

119a205ed97161b22384168ee157a3b6eb0385e589307ae3318a63b11123cda0b957ae3001ee8130eb02dc5a7dd37bc431dccc8ff1e3a637a17dbe212bbe3503
SSDEEP

1536:Y8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:5GH2KRXc3blXmtnitjuJG6SisYQT4b4/

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c6bb9e82971147e80f3ecae9e3ab1281a45e79b28a1bf6989856ca0b021f4947
- Size
  
  96KB
- MD5
  
  8ad8feb6996642a751dc3979c1cc527f
- SHA1
  
  838adaf728ab925d46d31b47d40aa5ea7831f5f5
- SHA256
  
  c6bb9e82971147e80f3ecae9e3ab1281a45e79b28a1bf6989856ca0b021f4947
- SHA512
  
  119a205ed97161b22384168ee157a3b6eb0385e589307ae3318a63b11123cda0b957ae3001ee8130eb02dc5a7dd37bc431dccc8ff1e3a637a17dbe212bbe3503
- SSDEEP
  
  1536:Y8fGHUrKRtrhcamH7XVkEmiSngrR92SjuJ7cPcj3CnisY3A2ro4dxti/:5GH2KRXc3blXmtnitjuJG6SisYQT4b4/
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2