b36d19b57c6e1b792c1c786df0f0ecb9c852a65e11a02d1959245a5ba3ee752c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b36d19b57c6e1b792c1c786df0f0ecb9c852a65e11a02d1959245a5ba3ee752c
Size

351KB
Sample

221202-wvl1gafa2w
MD5

eeddbd76e2121398a37f3e2e86872be8
SHA1

c72769fbd9d6badeb44b79f13d5c40a3ee309343
SHA256

b36d19b57c6e1b792c1c786df0f0ecb9c852a65e11a02d1959245a5ba3ee752c
SHA512

033fb67a1b47b2a7a08c72add3e425a28f4f192bb77808172a0d6f22402ca3a75d6fc8b9a10176a4d1fd4bd18d2c9a9f6c4061e3b1b29cc388b15e0e30f269dd
SSDEEP

6144:fLGVGJcKFEz7QYV/hcnAptNU3Rwd+7bqJRkrayVGy:fLGVOEz75/9ptGyCbqJDyX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b36d19b57c6e1b792c1c786df0f0ecb9c852a65e11a02d1959245a5ba3ee752c
- Size
  
  351KB
- MD5
  
  eeddbd76e2121398a37f3e2e86872be8
- SHA1
  
  c72769fbd9d6badeb44b79f13d5c40a3ee309343
- SHA256
  
  b36d19b57c6e1b792c1c786df0f0ecb9c852a65e11a02d1959245a5ba3ee752c
- SHA512
  
  033fb67a1b47b2a7a08c72add3e425a28f4f192bb77808172a0d6f22402ca3a75d6fc8b9a10176a4d1fd4bd18d2c9a9f6c4061e3b1b29cc388b15e0e30f269dd
- SSDEEP
  
  6144:fLGVGJcKFEz7QYV/hcnAptNU3Rwd+7bqJRkrayVGy:fLGVOEz75/9ptGyCbqJDyX
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2