b20df5aa10a92b2f0edba6bfa489326960ae91281e5017a4528746248b22c174 | Triage

Sharing

General

Target

b20df5aa10a92b2f0edba6bfa489326960ae91281e5017a4528746248b22c174
Size

267KB
Sample

221203-hzz61ahg2y
MD5

295e0a20d9baa8f6565d293a7637f670
SHA1

273587911419d798d9d7f16f759c59f69f0972ca
SHA256

b20df5aa10a92b2f0edba6bfa489326960ae91281e5017a4528746248b22c174
SHA512

1776d1f016b8f338762fcb05aa6cebf3fe580e71cd368d4e20ec02c8236bcee266d6e3cbe8d2d397a3a04acc339db24ffa81aa9a4b210fb7a2b20c0fe2672eb8
SSDEEP

6144:KxZasmAMSle58AP7tmUk09zspjQi6i8xgWzDyQh+f+MmnQ:KBmAMjtPwUVpksvqWzONm

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b20df5aa10a92b2f0edba6bfa489326960ae91281e5017a4528746248b22c174
- Size
  
  267KB
- MD5
  
  295e0a20d9baa8f6565d293a7637f670
- SHA1
  
  273587911419d798d9d7f16f759c59f69f0972ca
- SHA256
  
  b20df5aa10a92b2f0edba6bfa489326960ae91281e5017a4528746248b22c174
- SHA512
  
  1776d1f016b8f338762fcb05aa6cebf3fe580e71cd368d4e20ec02c8236bcee266d6e3cbe8d2d397a3a04acc339db24ffa81aa9a4b210fb7a2b20c0fe2672eb8
- SSDEEP
  
  6144:KxZasmAMSle58AP7tmUk09zspjQi6i8xgWzDyQh+f+MmnQ:KBmAMjtPwUVpksvqWzONm
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2