b5f2b0792458578829f2c0f3bc8b4154c903f516b5e154223f38e5c6c3ced3a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5f2b0792458578829f2c0f3bc8b4154c903f516b5e154223f38e5c6c3ced3a8
Size

103KB
Sample

221202-zp53yagf41
MD5

56ee52297271c6b93d6dae8d68c38c5d
SHA1

092a21b90b23d65a841f7178e00d1ad5996cba84
SHA256

b5f2b0792458578829f2c0f3bc8b4154c903f516b5e154223f38e5c6c3ced3a8
SHA512

bd15ad2fe47018639629ed1286638e7dee4381a0c07a5f0fa9b84c6b08f77fc92fb099a4c560666565e894005778479433357f589f7a5d433959ce51480f0849
SSDEEP

1536:V5neEhlcTW5sk1jtf2XvWINndIcN6Jdas5gPzCz4uQu801JXDkaDuX3ePTE0Q55r:3nj9jtfU+INndIc0J15lzfQ90prbTYQ4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b5f2b0792458578829f2c0f3bc8b4154c903f516b5e154223f38e5c6c3ced3a8
- Size
  
  103KB
- MD5
  
  56ee52297271c6b93d6dae8d68c38c5d
- SHA1
  
  092a21b90b23d65a841f7178e00d1ad5996cba84
- SHA256
  
  b5f2b0792458578829f2c0f3bc8b4154c903f516b5e154223f38e5c6c3ced3a8
- SHA512
  
  bd15ad2fe47018639629ed1286638e7dee4381a0c07a5f0fa9b84c6b08f77fc92fb099a4c560666565e894005778479433357f589f7a5d433959ce51480f0849
- SSDEEP
  
  1536:V5neEhlcTW5sk1jtf2XvWINndIcN6Jdas5gPzCz4uQu801JXDkaDuX3ePTE0Q55r:3nj9jtfU+INndIc0J15lzfQ90prbTYQ4
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2