f183d6b76a487f0fae6f459916907230ffedc6e12059a4ae8d6bb87ed437e543 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f183d6b76a487f0fae6f459916907230ffedc6e12059a4ae8d6bb87ed437e543
Size

129KB
Sample

221203-3g11ssfa73
MD5

b04497153ea1a834bf5fbb19ef865246
SHA1

f46c70ea8b7f4201770bbfe278502f46a84c4af2
SHA256

f183d6b76a487f0fae6f459916907230ffedc6e12059a4ae8d6bb87ed437e543
SHA512

bac2b62392d12f98e665ef54c19a72f1d5e012e5a5dca6ea0c5083293f219e205b345e0f6acfbbb1c76790a62c77155ede3906a16a9403ba4475a361e27e3dda
SSDEEP

3072:hdWttM8a14O1tHdR0456R2pN/UDtBrZbGEo2:hdWqCs60MBBrZbGEo2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f183d6b76a487f0fae6f459916907230ffedc6e12059a4ae8d6bb87ed437e543
- Size
  
  129KB
- MD5
  
  b04497153ea1a834bf5fbb19ef865246
- SHA1
  
  f46c70ea8b7f4201770bbfe278502f46a84c4af2
- SHA256
  
  f183d6b76a487f0fae6f459916907230ffedc6e12059a4ae8d6bb87ed437e543
- SHA512
  
  bac2b62392d12f98e665ef54c19a72f1d5e012e5a5dca6ea0c5083293f219e205b345e0f6acfbbb1c76790a62c77155ede3906a16a9403ba4475a361e27e3dda
- SSDEEP
  
  3072:hdWttM8a14O1tHdR0456R2pN/UDtBrZbGEo2:hdWqCs60MBBrZbGEo2
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2