bc2dfde21fdb88df37d31c72677b5842e0c07b7558ed0a57b3b4f1bd61a49871 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc2dfde21fdb88df37d31c72677b5842e0c07b7558ed0a57b3b4f1bd61a49871
Size

321KB
Sample

221203-cpejnaab3x
MD5

48297922172e0d1a7cf7606c4263c9ad
SHA1

c8c1c656382dd010cd313b196f6f951c64b6dd19
SHA256

bc2dfde21fdb88df37d31c72677b5842e0c07b7558ed0a57b3b4f1bd61a49871
SHA512

93bb7683e5985d7c89dc3610ce6698da230da796ab8c424b1fae4c9e9e75865ff93eedcdc4ab19c7c36743e42f3996c2690f688324ff7239e63d87be977dee19
SSDEEP

6144:TT+FQoWd7+swMHScIOq1G/P9RnC2CkErfo/:mFhWjycBqw9RC2gc/

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bc2dfde21fdb88df37d31c72677b5842e0c07b7558ed0a57b3b4f1bd61a49871
- Size
  
  321KB
- MD5
  
  48297922172e0d1a7cf7606c4263c9ad
- SHA1
  
  c8c1c656382dd010cd313b196f6f951c64b6dd19
- SHA256
  
  bc2dfde21fdb88df37d31c72677b5842e0c07b7558ed0a57b3b4f1bd61a49871
- SHA512
  
  93bb7683e5985d7c89dc3610ce6698da230da796ab8c424b1fae4c9e9e75865ff93eedcdc4ab19c7c36743e42f3996c2690f688324ff7239e63d87be977dee19
- SSDEEP
  
  6144:TT+FQoWd7+swMHScIOq1G/P9RnC2CkErfo/:mFhWjycBqw9RC2gc/
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2