dd86e359c1b7aa89bfe0aabc6504c4b7246c3b5faa3e34f1b3d849ff6de7649c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd86e359c1b7aa89bfe0aabc6504c4b7246c3b5faa3e34f1b3d849ff6de7649c
Size

351KB
Sample

221201-vbddjsgh76
MD5

d78f0306c229ef66a1e98942d9e8e634
SHA1

1c1943a8c4ba1a84623d890044728dec7479b39f
SHA256

dd86e359c1b7aa89bfe0aabc6504c4b7246c3b5faa3e34f1b3d849ff6de7649c
SHA512

f6656d2021d4b1604bb3e1d1daa0fa188f0fc2d851c983c07392fee061dc63da9f52b1c925a236f28fb85b1d22666ebc06de1632af4ed338413edf8d7df9b714
SSDEEP

6144:Z3c4cg0RO2MEm8KP4RdkbyJH3ZZRtqYJDKqz7DC3FR/5Zbfex:ZiBTMV8KP4RdkmJH3fqfm7DCVV5Zb2x

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dd86e359c1b7aa89bfe0aabc6504c4b7246c3b5faa3e34f1b3d849ff6de7649c
- Size
  
  351KB
- MD5
  
  d78f0306c229ef66a1e98942d9e8e634
- SHA1
  
  1c1943a8c4ba1a84623d890044728dec7479b39f
- SHA256
  
  dd86e359c1b7aa89bfe0aabc6504c4b7246c3b5faa3e34f1b3d849ff6de7649c
- SHA512
  
  f6656d2021d4b1604bb3e1d1daa0fa188f0fc2d851c983c07392fee061dc63da9f52b1c925a236f28fb85b1d22666ebc06de1632af4ed338413edf8d7df9b714
- SSDEEP
  
  6144:Z3c4cg0RO2MEm8KP4RdkbyJH3ZZRtqYJDKqz7DC3FR/5Zbfex:ZiBTMV8KP4RdkmJH3fqfm7DCVV5Zb2x
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2