f171b882c40e5a90709d3714e4cea91b8743944947fe9eb2440ddc54603b333c | Triage

Sharing

General

Target

f171b882c40e5a90709d3714e4cea91b8743944947fe9eb2440ddc54603b333c
Size

411KB
Sample

221203-nhn1aseh24
MD5

33c23c97085e34639c49a23a6cfc8030
SHA1

795f68f75057304df322088f297780fa8093e7a2
SHA256

f171b882c40e5a90709d3714e4cea91b8743944947fe9eb2440ddc54603b333c
SHA512

9a54e90f161558866b8b1ff57d442d872e4de80ccc0ec85e5f04c029884f37e94e650878c731160da53db0b6d66f67bf8d6437f4a1816cdddab7d02bd0881cd5
SSDEEP

6144:9GK72eIRSCvvItQMwVWCtR8HYnOWGHokTCW:9pYRpHQQM+DOW0oE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f171b882c40e5a90709d3714e4cea91b8743944947fe9eb2440ddc54603b333c
- Size
  
  411KB
- MD5
  
  33c23c97085e34639c49a23a6cfc8030
- SHA1
  
  795f68f75057304df322088f297780fa8093e7a2
- SHA256
  
  f171b882c40e5a90709d3714e4cea91b8743944947fe9eb2440ddc54603b333c
- SHA512
  
  9a54e90f161558866b8b1ff57d442d872e4de80ccc0ec85e5f04c029884f37e94e650878c731160da53db0b6d66f67bf8d6437f4a1816cdddab7d02bd0881cd5
- SSDEEP
  
  6144:9GK72eIRSCvvItQMwVWCtR8HYnOWGHokTCW:9pYRpHQQM+DOW0oE
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2