3a31f7a4e56b723dc60ff0bd904d92fa9eed41caad3b272feb70e461fdda70cb | Triage

Sharing

General

Target

3a31f7a4e56b723dc60ff0bd904d92fa9eed41caad3b272feb70e461fdda70cb
Size

426KB
Sample

221202-af9bkaeb96
MD5

0f04d8619d84a8b6a9f00d6c7b6703d5
SHA1

8b831f4fcf6c2827dc0c0db531c16bb90a8655c6
SHA256

3a31f7a4e56b723dc60ff0bd904d92fa9eed41caad3b272feb70e461fdda70cb
SHA512

356a913bafe731b846aad0f7d0c01055a7f7a33f94ff8739f9d8827883597ce050cf6ffe49a4810a5a67f7601fcfdd1e1668fb4760b8947f2aa918095929751a
SSDEEP

6144:p1Ds6JMObY5a44eiQOMth6N6aiZt9Z9ODKP3btu:p1DN34MTYainT9ODyBu

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3a31f7a4e56b723dc60ff0bd904d92fa9eed41caad3b272feb70e461fdda70cb
- Size
  
  426KB
- MD5
  
  0f04d8619d84a8b6a9f00d6c7b6703d5
- SHA1
  
  8b831f4fcf6c2827dc0c0db531c16bb90a8655c6
- SHA256
  
  3a31f7a4e56b723dc60ff0bd904d92fa9eed41caad3b272feb70e461fdda70cb
- SHA512
  
  356a913bafe731b846aad0f7d0c01055a7f7a33f94ff8739f9d8827883597ce050cf6ffe49a4810a5a67f7601fcfdd1e1668fb4760b8947f2aa918095929751a
- SSDEEP
  
  6144:p1Ds6JMObY5a44eiQOMth6N6aiZt9Z9ODKP3btu:p1DN34MTYainT9ODyBu
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2