b3f8a95d3bc6c1260e975037ce1b1078e9db5e8a62d37495d282462c5c58ea00 | Triage

Sharing

General

Target

b3f8a95d3bc6c1260e975037ce1b1078e9db5e8a62d37495d282462c5c58ea00
Size

302KB
Sample

221201-xvfn5afb71
MD5

25ace6f96888caa26b843ac16061b626
SHA1

ea875cc62abaf8527a6f1d034ad26268222a34cf
SHA256

b3f8a95d3bc6c1260e975037ce1b1078e9db5e8a62d37495d282462c5c58ea00
SHA512

9d08baa9f6b5c470e07fd4985909d3b8c9ffc5c4b5c37c85edb6d0b5c1de01e2f5cb5d38b4ce9759729300d9ed5b64361e26cc944186b6053cae0c963ba64890
SSDEEP

6144:TxRdXYjNyhhv0yOtL8XaszVIML7uezJDWy1VK7ni:TxR8yUyOtQaeRDc7i

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b3f8a95d3bc6c1260e975037ce1b1078e9db5e8a62d37495d282462c5c58ea00
- Size
  
  302KB
- MD5
  
  25ace6f96888caa26b843ac16061b626
- SHA1
  
  ea875cc62abaf8527a6f1d034ad26268222a34cf
- SHA256
  
  b3f8a95d3bc6c1260e975037ce1b1078e9db5e8a62d37495d282462c5c58ea00
- SHA512
  
  9d08baa9f6b5c470e07fd4985909d3b8c9ffc5c4b5c37c85edb6d0b5c1de01e2f5cb5d38b4ce9759729300d9ed5b64361e26cc944186b6053cae0c963ba64890
- SSDEEP
  
  6144:TxRdXYjNyhhv0yOtL8XaszVIML7uezJDWy1VK7ni:TxR8yUyOtQaeRDc7i
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2