de4e90bac01ef55f6ea890c75bb6cfdb5a03320e3937993dc5fd4f236cf834eb | Triage

Sharing

General

Target

de4e90bac01ef55f6ea890c75bb6cfdb5a03320e3937993dc5fd4f236cf834eb
Size

411KB
Sample

221203-d92elabh24
MD5

daa1ca3db84279c6104551ded4035c48
SHA1

fdeea70a779146e9a648a87528e5e3d344ebc0db
SHA256

de4e90bac01ef55f6ea890c75bb6cfdb5a03320e3937993dc5fd4f236cf834eb
SHA512

67801d0e933adebf0ecf49ddf75e02123477a68954fa0873ea0da57cc99721fe3f89b818e8b6d6a3fc9e92c96be5f96ebdadd0777c8d5469e746ddcf336dee01
SSDEEP

6144:9GK723lL97i0rkf+ElKaCa+Ni2rqES8VITfR:9pOL9DLAKXaJjTJ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  de4e90bac01ef55f6ea890c75bb6cfdb5a03320e3937993dc5fd4f236cf834eb
- Size
  
  411KB
- MD5
  
  daa1ca3db84279c6104551ded4035c48
- SHA1
  
  fdeea70a779146e9a648a87528e5e3d344ebc0db
- SHA256
  
  de4e90bac01ef55f6ea890c75bb6cfdb5a03320e3937993dc5fd4f236cf834eb
- SHA512
  
  67801d0e933adebf0ecf49ddf75e02123477a68954fa0873ea0da57cc99721fe3f89b818e8b6d6a3fc9e92c96be5f96ebdadd0777c8d5469e746ddcf336dee01
- SSDEEP
  
  6144:9GK723lL97i0rkf+ElKaCa+Ni2rqES8VITfR:9pOL9DLAKXaJjTJ
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2