8922e21cdd0783f37b5d2f4db2f13c7dd2665ea838d557cbd70c105729bdae06 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8922e21cdd0783f37b5d2f4db2f13c7dd2665ea838d557cbd70c105729bdae06
Size

270KB
Sample

221201-rknn4afd47
MD5

310800046727c4dd9f033a0d19542b61
SHA1

52968edf685b8e65fc17ffffa1318dce756e005e
SHA256

8922e21cdd0783f37b5d2f4db2f13c7dd2665ea838d557cbd70c105729bdae06
SHA512

88435e3cea21649d282e8eeb3d9064ee95e716f1234495487560c26271d3049fbe5168b6c5dfabda46b2c872775d5c8edbb94d5852d9da1907a5e5ce6c1268bc
SSDEEP

6144:5tjpWyqvoArlO+Beix2/pWTxq/fnx7GDrRcJIcxyCq0hzfrM:PWvo8PVq/PERcHxywo

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8922e21cdd0783f37b5d2f4db2f13c7dd2665ea838d557cbd70c105729bdae06
- Size
  
  270KB
- MD5
  
  310800046727c4dd9f033a0d19542b61
- SHA1
  
  52968edf685b8e65fc17ffffa1318dce756e005e
- SHA256
  
  8922e21cdd0783f37b5d2f4db2f13c7dd2665ea838d557cbd70c105729bdae06
- SHA512
  
  88435e3cea21649d282e8eeb3d9064ee95e716f1234495487560c26271d3049fbe5168b6c5dfabda46b2c872775d5c8edbb94d5852d9da1907a5e5ce6c1268bc
- SSDEEP
  
  6144:5tjpWyqvoArlO+Beix2/pWTxq/fnx7GDrRcJIcxyCq0hzfrM:PWvo8PVq/PERcHxywo
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2