dc0cc73a8fbe693f1cf19997b5a671d1e2d8cbe84e5900a32da8e907eebd7e77 | Triage

Sharing

General

Target

dc0cc73a8fbe693f1cf19997b5a671d1e2d8cbe84e5900a32da8e907eebd7e77
Size

1.4MB
Sample

221201-vc3ptshb38
MD5

f6e4ae7a65de7963e83318f42fac6e00
SHA1

c5d95d1aece94d723f77a2ce434a239cac48cf0a
SHA256

dc0cc73a8fbe693f1cf19997b5a671d1e2d8cbe84e5900a32da8e907eebd7e77
SHA512

8117bcca28665c85d9fae82b077784067ea6a6b6f7947667d425c6cfea61782a5376266b1724bf52a51b2bf614a4eec90d246b3180e734ecbc0d1faf88aae789
SSDEEP

24576:uPMxDqnqt7AG+tuFex5bcgXJ3YFN6744F9VCtGjD:1IqlJ+tvbb63GCMjD

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  dc0cc73a8fbe693f1cf19997b5a671d1e2d8cbe84e5900a32da8e907eebd7e77
- Size
  
  1.4MB
- MD5
  
  f6e4ae7a65de7963e83318f42fac6e00
- SHA1
  
  c5d95d1aece94d723f77a2ce434a239cac48cf0a
- SHA256
  
  dc0cc73a8fbe693f1cf19997b5a671d1e2d8cbe84e5900a32da8e907eebd7e77
- SHA512
  
  8117bcca28665c85d9fae82b077784067ea6a6b6f7947667d425c6cfea61782a5376266b1724bf52a51b2bf614a4eec90d246b3180e734ecbc0d1faf88aae789
- SSDEEP
  
  24576:uPMxDqnqt7AG+tuFex5bcgXJ3YFN6744F9VCtGjD:1IqlJ+tvbb63GCMjD
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2