d1b676548d0e0d3033a36f74ec7c65f23a3729529dda4eea9b84cde9840d9479 | Triage

Sharing

General

Target

d1b676548d0e0d3033a36f74ec7c65f23a3729529dda4eea9b84cde9840d9479
Size

377KB
Sample

221201-vqc2bsdg8x
MD5

e31a72a2969441513d6fd427d365eaba
SHA1

304a3aada3eed99e1f1790713a41fcd69590fc94
SHA256

d1b676548d0e0d3033a36f74ec7c65f23a3729529dda4eea9b84cde9840d9479
SHA512

cbbb815208298e6a7b8782fb48630ba3fa3240bc708fbee8ba298de776b3bd355e13cdf375f5f6f746f199521fcc2e50f5cf57d36c371f19d5643fd145e893bf
SSDEEP

6144:gs1dB7c9VzrA98jUxh5R8WyPDh/S5PE6KRnhJRSkJpuuuuuuuuuuuuuuuuuuuuue:gZnA98wh7aPDha5P+fpuuuuuuuuuuuuN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d1b676548d0e0d3033a36f74ec7c65f23a3729529dda4eea9b84cde9840d9479
- Size
  
  377KB
- MD5
  
  e31a72a2969441513d6fd427d365eaba
- SHA1
  
  304a3aada3eed99e1f1790713a41fcd69590fc94
- SHA256
  
  d1b676548d0e0d3033a36f74ec7c65f23a3729529dda4eea9b84cde9840d9479
- SHA512
  
  cbbb815208298e6a7b8782fb48630ba3fa3240bc708fbee8ba298de776b3bd355e13cdf375f5f6f746f199521fcc2e50f5cf57d36c371f19d5643fd145e893bf
- SSDEEP
  
  6144:gs1dB7c9VzrA98jUxh5R8WyPDh/S5PE6KRnhJRSkJpuuuuuuuuuuuuuuuuuuuuue:gZnA98wh7aPDha5P+fpuuuuuuuuuuuuN
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2