da7d74e6ca9d10a56ca2788ae0630a528adebe918db333ecd18416ccf3d07c69 | Triage

Sharing

General

Target

da7d74e6ca9d10a56ca2788ae0630a528adebe918db333ecd18416ccf3d07c69
Size

359KB
Sample

221203-azydeadc3z
MD5

d87348fea9f73f3eb70cfaa85be58e1f
SHA1

0cd52b8d8908c2554388c771821e62d628105704
SHA256

da7d74e6ca9d10a56ca2788ae0630a528adebe918db333ecd18416ccf3d07c69
SHA512

f85978289b435b1bc8a3789b0c2507a450fe256570fc87562c995fe523f6e323d6cc1283d339b9c8cd1cb5e5263aacd1afa1950141b96b778deb308b9d6a626a
SSDEEP

6144:E3Dk4W2GD/XQ9u/xUffWkMk4T5iup7blk2k7uEcldPlLWAfTfb9btTm:AcD/XQA/Wnb65lJgk9yAy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  da7d74e6ca9d10a56ca2788ae0630a528adebe918db333ecd18416ccf3d07c69
- Size
  
  359KB
- MD5
  
  d87348fea9f73f3eb70cfaa85be58e1f
- SHA1
  
  0cd52b8d8908c2554388c771821e62d628105704
- SHA256
  
  da7d74e6ca9d10a56ca2788ae0630a528adebe918db333ecd18416ccf3d07c69
- SHA512
  
  f85978289b435b1bc8a3789b0c2507a450fe256570fc87562c995fe523f6e323d6cc1283d339b9c8cd1cb5e5263aacd1afa1950141b96b778deb308b9d6a626a
- SSDEEP
  
  6144:E3Dk4W2GD/XQ9u/xUffWkMk4T5iup7blk2k7uEcldPlLWAfTfb9btTm:AcD/XQA/Wnb65lJgk9yAy
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2