e9fdbdfd601f207f79d1eec6b55705b36ab482eac832f9f4ebf07a7878710a36 | Triage

Sharing

General

Target

e9fdbdfd601f207f79d1eec6b55705b36ab482eac832f9f4ebf07a7878710a36
Size

356KB
Sample

221201-txye6sba7s
MD5

16992477af6c1128ccf8e2bb7d41b165
SHA1

f0a8f7bc308ee177dd83df0f573a2ea6654be847
SHA256

e9fdbdfd601f207f79d1eec6b55705b36ab482eac832f9f4ebf07a7878710a36
SHA512

9cb37d03753d1ccdaaf9952d64b1d6ec671e86d509e77e48137d13ea4afad452c7a413e7fc1d9231da253198e7d7d5756c702ebe176be9d7de276ba946a42117
SSDEEP

6144:7vbx8OOArW84uuJTVZS0EMja2G6dJfoWSXlAiETbld6stREj:7LO2dsFjc6Q7GlFRs

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e9fdbdfd601f207f79d1eec6b55705b36ab482eac832f9f4ebf07a7878710a36
- Size
  
  356KB
- MD5
  
  16992477af6c1128ccf8e2bb7d41b165
- SHA1
  
  f0a8f7bc308ee177dd83df0f573a2ea6654be847
- SHA256
  
  e9fdbdfd601f207f79d1eec6b55705b36ab482eac832f9f4ebf07a7878710a36
- SHA512
  
  9cb37d03753d1ccdaaf9952d64b1d6ec671e86d509e77e48137d13ea4afad452c7a413e7fc1d9231da253198e7d7d5756c702ebe176be9d7de276ba946a42117
- SSDEEP
  
  6144:7vbx8OOArW84uuJTVZS0EMja2G6dJfoWSXlAiETbld6stREj:7LO2dsFjc6Q7GlFRs
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2