ac2488f44ab74fcd8460dc6926a70b8a5c89ccd67154467177dcbf75ae2213d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac2488f44ab74fcd8460dc6926a70b8a5c89ccd67154467177dcbf75ae2213d0
Size

323KB
Sample

221203-3d5jtaeg56
MD5

f4dbf281391e24cfc609ea3961aae37e
SHA1

d9923595f7447076f29afd363b63c26aac7c8558
SHA256

ac2488f44ab74fcd8460dc6926a70b8a5c89ccd67154467177dcbf75ae2213d0
SHA512

915fd90d0d53d09bab52d46b8cfd311c435881081f8717cd0654870f1d057edc34c69fba83bfde38cfa51dc9d05c297e828291dfaeedd305414524c9acf07300
SSDEEP

6144:uqf5wfwd99vxoYCY+Li9IBCiiortLek9ZvLmE7JWAB:Zf5os9Do2vorskzCQJBB

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ac2488f44ab74fcd8460dc6926a70b8a5c89ccd67154467177dcbf75ae2213d0
- Size
  
  323KB
- MD5
  
  f4dbf281391e24cfc609ea3961aae37e
- SHA1
  
  d9923595f7447076f29afd363b63c26aac7c8558
- SHA256
  
  ac2488f44ab74fcd8460dc6926a70b8a5c89ccd67154467177dcbf75ae2213d0
- SHA512
  
  915fd90d0d53d09bab52d46b8cfd311c435881081f8717cd0654870f1d057edc34c69fba83bfde38cfa51dc9d05c297e828291dfaeedd305414524c9acf07300
- SSDEEP
  
  6144:uqf5wfwd99vxoYCY+Li9IBCiiortLek9ZvLmE7JWAB:Zf5os9Do2vorskzCQJBB
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2