be9c571d8a0b9b2e5bce5f23cc694a69913e91c0993f27a07435fa78c352c817 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be9c571d8a0b9b2e5bce5f23cc694a69913e91c0993f27a07435fa78c352c817
Size

131KB
Sample

221203-gsmrnaag98
MD5

28ce116fcbfa4f781b0212d75b109946
SHA1

a4e6b5d987be76c7172f4b8e997a3ca9df641e3f
SHA256

be9c571d8a0b9b2e5bce5f23cc694a69913e91c0993f27a07435fa78c352c817
SHA512

c0d10b1d99b32b5ad6e232de1f80009182ebf06e88cbe1e3ef5f2d325a6dfc9c4e5ed3bba4ec8bfe0ef3700a1fcd39a8c58050e9aff99e2f616b1765c3f313a0
SSDEEP

3072:uMmncESH4efNoUjELJe2Vo4GhkEVDoHh2FmgyGnOo6EwBjn:uMmncqeb0Je2VophFDoSvnOoz

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  be9c571d8a0b9b2e5bce5f23cc694a69913e91c0993f27a07435fa78c352c817
- Size
  
  131KB
- MD5
  
  28ce116fcbfa4f781b0212d75b109946
- SHA1
  
  a4e6b5d987be76c7172f4b8e997a3ca9df641e3f
- SHA256
  
  be9c571d8a0b9b2e5bce5f23cc694a69913e91c0993f27a07435fa78c352c817
- SHA512
  
  c0d10b1d99b32b5ad6e232de1f80009182ebf06e88cbe1e3ef5f2d325a6dfc9c4e5ed3bba4ec8bfe0ef3700a1fcd39a8c58050e9aff99e2f616b1765c3f313a0
- SSDEEP
  
  3072:uMmncESH4efNoUjELJe2Vo4GhkEVDoHh2FmgyGnOo6EwBjn:uMmncqeb0Je2VophFDoSvnOoz
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2