cbef9ded11aa13ffefb50ff55a814b4c811c7f622046477e5cb25c54c5d7dff3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbef9ded11aa13ffefb50ff55a814b4c811c7f622046477e5cb25c54c5d7dff3
Size

304KB
Sample

221201-v6awxafd9t
MD5

603803a45e8b51d6738666c64fe51966
SHA1

2c909fba9e435cf75633b0c069177d7e42c3a2c2
SHA256

cbef9ded11aa13ffefb50ff55a814b4c811c7f622046477e5cb25c54c5d7dff3
SHA512

1fc76af148d21e6fedef4383d3b17a4658a8f10c341a534356ae9958534cb2385e7d35e840a55c2c933481357d11bd8b49e8abe74edf40ab0a34e604231b17f2
SSDEEP

6144:o6wdmt+S8iXtGZ4FtTfK1bcfwK8jNCm69EfzSWDHhftl1KQi9gSnZoAI1GNk:HPC4tFFticoxz69E+GV0JZoPGm

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cbef9ded11aa13ffefb50ff55a814b4c811c7f622046477e5cb25c54c5d7dff3
- Size
  
  304KB
- MD5
  
  603803a45e8b51d6738666c64fe51966
- SHA1
  
  2c909fba9e435cf75633b0c069177d7e42c3a2c2
- SHA256
  
  cbef9ded11aa13ffefb50ff55a814b4c811c7f622046477e5cb25c54c5d7dff3
- SHA512
  
  1fc76af148d21e6fedef4383d3b17a4658a8f10c341a534356ae9958534cb2385e7d35e840a55c2c933481357d11bd8b49e8abe74edf40ab0a34e604231b17f2
- SSDEEP
  
  6144:o6wdmt+S8iXtGZ4FtTfK1bcfwK8jNCm69EfzSWDHhftl1KQi9gSnZoAI1GNk:HPC4tFFticoxz69E+GV0JZoPGm
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2