1471021c3fc0bc818d25b2b591f223a6f97db19ecb3ad5bb62e8a70bd7ae737e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1471021c3fc0bc818d25b2b591f223a6f97db19ecb3ad5bb62e8a70bd7ae737e
Size

210KB
Sample

221202-a7f44agd68
MD5

7afbe46a444a31753ac45f0020cb6335
SHA1

427f046b0197e7ac990f2d7c3056b8db92c73d27
SHA256

1471021c3fc0bc818d25b2b591f223a6f97db19ecb3ad5bb62e8a70bd7ae737e
SHA512

19ee7f3660f52332c60ad9e6c80c9935e83506fb988fd53e0da5ac72b161a9606779df08ddafa8cc95dcc5d4a237baf32d707b7b46d77d155408f31c039ee2fb
SSDEEP

6144:gWCt2ISzpluSkpZDReepBq9gdJtGZXzQd:gWQSgpZVe4Ig1G8d

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1471021c3fc0bc818d25b2b591f223a6f97db19ecb3ad5bb62e8a70bd7ae737e
- Size
  
  210KB
- MD5
  
  7afbe46a444a31753ac45f0020cb6335
- SHA1
  
  427f046b0197e7ac990f2d7c3056b8db92c73d27
- SHA256
  
  1471021c3fc0bc818d25b2b591f223a6f97db19ecb3ad5bb62e8a70bd7ae737e
- SHA512
  
  19ee7f3660f52332c60ad9e6c80c9935e83506fb988fd53e0da5ac72b161a9606779df08ddafa8cc95dcc5d4a237baf32d707b7b46d77d155408f31c039ee2fb
- SSDEEP
  
  6144:gWCt2ISzpluSkpZDReepBq9gdJtGZXzQd:gWQSgpZVe4Ig1G8d
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2