bb8807be09abef1681f7fed6baada982096d0a556476e121c64840469d99ef59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb8807be09abef1681f7fed6baada982096d0a556476e121c64840469d99ef59
Size

354KB
Sample

221203-clltkahh21
MD5

8ed095e35fad9afe1896173db162e5a5
SHA1

21d0d2c598deec04b4c660dbc32781ba4e625722
SHA256

bb8807be09abef1681f7fed6baada982096d0a556476e121c64840469d99ef59
SHA512

894b9ca6dbf0335fb748d8c13b2da0e54cdb8099d1cb45fa051164be7faecba74ee6971756ca41d0dee60658443c282e101adf70dba8ba864b6550b975c444b9
SSDEEP

6144:ctKn+u6Helr0DXe2VwXr5py1oyn25pW6bacHO4lJyuK:cy6HelreLwXdpy3cplWcHllJS

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bb8807be09abef1681f7fed6baada982096d0a556476e121c64840469d99ef59
- Size
  
  354KB
- MD5
  
  8ed095e35fad9afe1896173db162e5a5
- SHA1
  
  21d0d2c598deec04b4c660dbc32781ba4e625722
- SHA256
  
  bb8807be09abef1681f7fed6baada982096d0a556476e121c64840469d99ef59
- SHA512
  
  894b9ca6dbf0335fb748d8c13b2da0e54cdb8099d1cb45fa051164be7faecba74ee6971756ca41d0dee60658443c282e101adf70dba8ba864b6550b975c444b9
- SSDEEP
  
  6144:ctKn+u6Helr0DXe2VwXr5py1oyn25pW6bacHO4lJyuK:cy6HelreLwXdpy3cplWcHllJS
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2