e55942e40130bbb2f87882a3261af69967fec701f688ede6ff8d01a2d85191fb | Triage

Sharing

General

Target

e55942e40130bbb2f87882a3261af69967fec701f688ede6ff8d01a2d85191fb
Size

460KB
Sample

221203-3yqw6ace9y
MD5

06328d066b3f9df9d972df3e2d51a040
SHA1

84f0a7e23a489b502a1292114caa35f65455344f
SHA256

e55942e40130bbb2f87882a3261af69967fec701f688ede6ff8d01a2d85191fb
SHA512

fc1593247cb9a026bdd49cb6c0926b5d8d38f8bf4fc96d142d9e0e5d0f2530aa98e708f0b2c8ccec6bdf8c69cfd0fe84e88eac03b9b2a7e2a06ef840d80da779
SSDEEP

12288:vM2yCHc5ulwEpmWWZVzfHENc+xW30dWcEX:v3rkulYtVjHENXx80dTEX

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  e55942e40130bbb2f87882a3261af69967fec701f688ede6ff8d01a2d85191fb
- Size
  
  460KB
- MD5
  
  06328d066b3f9df9d972df3e2d51a040
- SHA1
  
  84f0a7e23a489b502a1292114caa35f65455344f
- SHA256
  
  e55942e40130bbb2f87882a3261af69967fec701f688ede6ff8d01a2d85191fb
- SHA512
  
  fc1593247cb9a026bdd49cb6c0926b5d8d38f8bf4fc96d142d9e0e5d0f2530aa98e708f0b2c8ccec6bdf8c69cfd0fe84e88eac03b9b2a7e2a06ef840d80da779
- SSDEEP
  
  12288:vM2yCHc5ulwEpmWWZVzfHENc+xW30dWcEX:v3rkulYtVjHENXx80dTEX
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2