aab9392bddd166429cbb255272eee762323559e9f2288697011c35e3bf174271 | Triage

Sharing

General

Target

aab9392bddd166429cbb255272eee762323559e9f2288697011c35e3bf174271
Size

379KB
Sample

221203-df242ace2x
MD5

96659af1dc79f0583a13286fa0b1ed01
SHA1

9298d4dfd2e4ce32bba23aada20943e74e93892a
SHA256

aab9392bddd166429cbb255272eee762323559e9f2288697011c35e3bf174271
SHA512

c7404a9cbb402b51883e811b8130555bad2d5781e8d4ea5d5b3b30467b347d3e1ae84d99c0f3ab99b65fc2a16bc1ea78471c7ea0d349e3129a36c36073b9dc83
SSDEEP

6144:0GnWWZEw8M4kM0BiGEvHTjxXKtT7T3pLt9wFQVfqh6blAhl4gALrqxi8yCRU:/WeEUBxUHTjx6B35tiFphgw4gA/Ii8PU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  aab9392bddd166429cbb255272eee762323559e9f2288697011c35e3bf174271
- Size
  
  379KB
- MD5
  
  96659af1dc79f0583a13286fa0b1ed01
- SHA1
  
  9298d4dfd2e4ce32bba23aada20943e74e93892a
- SHA256
  
  aab9392bddd166429cbb255272eee762323559e9f2288697011c35e3bf174271
- SHA512
  
  c7404a9cbb402b51883e811b8130555bad2d5781e8d4ea5d5b3b30467b347d3e1ae84d99c0f3ab99b65fc2a16bc1ea78471c7ea0d349e3129a36c36073b9dc83
- SSDEEP
  
  6144:0GnWWZEw8M4kM0BiGEvHTjxXKtT7T3pLt9wFQVfqh6blAhl4gALrqxi8yCRU:/WeEUBxUHTjx6B35tiFphgw4gA/Ii8PU
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2