87a2754affb566ccd52b2ffe474ffbe9dd90ffd020bd9bd4a18250d9c8485f8b | Triage

Sharing

General

Target

87a2754affb566ccd52b2ffe474ffbe9dd90ffd020bd9bd4a18250d9c8485f8b
Size

279KB
Sample

221202-xgd85sgg5s
MD5

e9c0b54713c3f58985f6502d05813b5b
SHA1

7d4e368512a44776b2a9273465bb978d810b6f5a
SHA256

87a2754affb566ccd52b2ffe474ffbe9dd90ffd020bd9bd4a18250d9c8485f8b
SHA512

6cb135263f9aab6543971f852dae2fd304d48ff81ec9a69c4888961afffe5c4ea4ab07ab7a939aad3f937e1ed08801062363e76dbe2202df0d157c962ed8cba3
SSDEEP

6144:CGahaRFe4Bk/K/jNrart0Nz1rH/MWQDTi86OuyTtRN9vVti:CGiavOMxiW901i85uyxR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  87a2754affb566ccd52b2ffe474ffbe9dd90ffd020bd9bd4a18250d9c8485f8b
- Size
  
  279KB
- MD5
  
  e9c0b54713c3f58985f6502d05813b5b
- SHA1
  
  7d4e368512a44776b2a9273465bb978d810b6f5a
- SHA256
  
  87a2754affb566ccd52b2ffe474ffbe9dd90ffd020bd9bd4a18250d9c8485f8b
- SHA512
  
  6cb135263f9aab6543971f852dae2fd304d48ff81ec9a69c4888961afffe5c4ea4ab07ab7a939aad3f937e1ed08801062363e76dbe2202df0d157c962ed8cba3
- SSDEEP
  
  6144:CGahaRFe4Bk/K/jNrart0Nz1rH/MWQDTi86OuyTtRN9vVti:CGiavOMxiW901i85uyxR
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2