b20aa42ff17effd503ac1daf7a3a7c1c370daca475a7ad93baae56f4a0367d5a | Triage

Sharing

General

Target

b20aa42ff17effd503ac1daf7a3a7c1c370daca475a7ad93baae56f4a0367d5a
Size

128KB
Sample

221201-xzzb2ace43
MD5

600e0cf619fe61b4a167005d73682315
SHA1

3aba6bfec5a715912d32830d555bd7f18e01ac28
SHA256

b20aa42ff17effd503ac1daf7a3a7c1c370daca475a7ad93baae56f4a0367d5a
SHA512

e5c49884406060c2ee29a74b2080600ecd5f16254182f8173c23d8c02ac9f9562958954454ffc88320a83154ce828aaab5f337cd6c33efd968ff42f86079f05f
SSDEEP

3072:YbXC2nRetdfSp6TedEh03HzCz3EsT7n+xJ:YbyMhp6Ted603HzCzEsi

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b20aa42ff17effd503ac1daf7a3a7c1c370daca475a7ad93baae56f4a0367d5a
- Size
  
  128KB
- MD5
  
  600e0cf619fe61b4a167005d73682315
- SHA1
  
  3aba6bfec5a715912d32830d555bd7f18e01ac28
- SHA256
  
  b20aa42ff17effd503ac1daf7a3a7c1c370daca475a7ad93baae56f4a0367d5a
- SHA512
  
  e5c49884406060c2ee29a74b2080600ecd5f16254182f8173c23d8c02ac9f9562958954454ffc88320a83154ce828aaab5f337cd6c33efd968ff42f86079f05f
- SSDEEP
  
  3072:YbXC2nRetdfSp6TedEh03HzCz3EsT7n+xJ:YbyMhp6Ted603HzCzEsi
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2