24194d67cd8a89614ca59082f541eca81f320e2f67a6dd2b98d364d98e515fe8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24194d67cd8a89614ca59082f541eca81f320e2f67a6dd2b98d364d98e515fe8
Size

294KB
Sample

221202-awyj1afe64
MD5

bef12aec265eb592060d3d4958a40d21
SHA1

354e0c6e247d05bab99dbea446a28e97e37e6021
SHA256

24194d67cd8a89614ca59082f541eca81f320e2f67a6dd2b98d364d98e515fe8
SHA512

de596bfb97ec112f5a44bc468199d2917a4dee38ad1e54626b2ba2b371a954ea53b7443947b1c47d42852b381f39fd3242e56ca15eb71a2d1f3404b82775f106
SSDEEP

6144:S4OySxlcrxMb/07K86gD+bW55zbMLdOQLmlDMMSXO:SNySkrxl28/75Zb2cQLmlDMFO

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  24194d67cd8a89614ca59082f541eca81f320e2f67a6dd2b98d364d98e515fe8
- Size
  
  294KB
- MD5
  
  bef12aec265eb592060d3d4958a40d21
- SHA1
  
  354e0c6e247d05bab99dbea446a28e97e37e6021
- SHA256
  
  24194d67cd8a89614ca59082f541eca81f320e2f67a6dd2b98d364d98e515fe8
- SHA512
  
  de596bfb97ec112f5a44bc468199d2917a4dee38ad1e54626b2ba2b371a954ea53b7443947b1c47d42852b381f39fd3242e56ca15eb71a2d1f3404b82775f106
- SSDEEP
  
  6144:S4OySxlcrxMb/07K86gD+bW55zbMLdOQLmlDMMSXO:SNySkrxl28/75Zb2cQLmlDMFO
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2