f8706ea6ca69ea2c540febe6a59702084b930776fa47b39497272b46a0540062 | Triage

Sharing

General

Target

f8706ea6ca69ea2c540febe6a59702084b930776fa47b39497272b46a0540062
Size

351KB
Sample

221201-te2d4sea43
MD5

5535994fb3a321f28bfec5c4ca9a6cb9
SHA1

f3d2afeb4b358cea835d30d5148c54b514aa84a4
SHA256

f8706ea6ca69ea2c540febe6a59702084b930776fa47b39497272b46a0540062
SHA512

19041c7c29106fd8118bfee156593d3e824234e28413357e9759d320c5cece0c4ffc26ef7c68e7b28bccbc4c5c0c83aa4e35ed6872ef9b84c4b667a470d64763
SSDEEP

6144:Z3c4cg0RO2MRcCv/5uj7Pe5waEnYCqqGDWLvePE2+EJXeOeZydt:ZiBTMRcCvh27GunAhWr4EpEJXeTA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f8706ea6ca69ea2c540febe6a59702084b930776fa47b39497272b46a0540062
- Size
  
  351KB
- MD5
  
  5535994fb3a321f28bfec5c4ca9a6cb9
- SHA1
  
  f3d2afeb4b358cea835d30d5148c54b514aa84a4
- SHA256
  
  f8706ea6ca69ea2c540febe6a59702084b930776fa47b39497272b46a0540062
- SHA512
  
  19041c7c29106fd8118bfee156593d3e824234e28413357e9759d320c5cece0c4ffc26ef7c68e7b28bccbc4c5c0c83aa4e35ed6872ef9b84c4b667a470d64763
- SSDEEP
  
  6144:Z3c4cg0RO2MRcCv/5uj7Pe5waEnYCqqGDWLvePE2+EJXeOeZydt:ZiBTMRcCvh27GunAhWr4EpEJXeTA
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2