2e1f8a3b7440b51fc122d733cc3c989c359eeb17d12aaf4990513d628f47e115 | Triage

Sharing

General

Target

2e1f8a3b7440b51fc122d733cc3c989c359eeb17d12aaf4990513d628f47e115
Size

301KB
Sample

221202-an81rseh62
MD5

fc3a5187b5cf5f92e0b40cb31a01f1db
SHA1

ac4ffcec9bf2c0a3989a516c78737c6cd37fa548
SHA256

2e1f8a3b7440b51fc122d733cc3c989c359eeb17d12aaf4990513d628f47e115
SHA512

c68891fd569ba667e90995328ebbb5e437e0c2369545ae31f09b40f356bc2886892a7e112d930e22ae94fb656522afa1ca63295b3c51270f98a343c04d662b30
SSDEEP

6144:WKOadcbBWriOZ2z1IJq/6Z/yYaxZ2Fqy6+1V6a:WKldcbBKPtJq2amFqyLb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2e1f8a3b7440b51fc122d733cc3c989c359eeb17d12aaf4990513d628f47e115
- Size
  
  301KB
- MD5
  
  fc3a5187b5cf5f92e0b40cb31a01f1db
- SHA1
  
  ac4ffcec9bf2c0a3989a516c78737c6cd37fa548
- SHA256
  
  2e1f8a3b7440b51fc122d733cc3c989c359eeb17d12aaf4990513d628f47e115
- SHA512
  
  c68891fd569ba667e90995328ebbb5e437e0c2369545ae31f09b40f356bc2886892a7e112d930e22ae94fb656522afa1ca63295b3c51270f98a343c04d662b30
- SSDEEP
  
  6144:WKOadcbBWriOZ2z1IJq/6Z/yYaxZ2Fqy6+1V6a:WKldcbBKPtJq2amFqyLb
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2