cc3c9ef4c5c2c0e4091520ca53c133652cff3013408017f2c2d66a87e43f4d99 | Triage

Sharing

General

Target

cc3c9ef4c5c2c0e4091520ca53c133652cff3013408017f2c2d66a87e43f4d99
Size

501KB
Sample

221203-p8jc6scc28
MD5

70ba395b631e31f278ab7baf879e6218
SHA1

437d00c3e5cb573c416fdee88bb058c177f80736
SHA256

cc3c9ef4c5c2c0e4091520ca53c133652cff3013408017f2c2d66a87e43f4d99
SHA512

e60d6cce55daf9ad1760ac5322669e17f93f13c6c6adc0b25c77e4f4aaa0d5a63368e3b9d004cfbbe0687396e2367b2f75993aea9841fcd4a31d664be2ff2c12
SSDEEP

6144:pdNszUtPwxMqhqTpMjSFDWG1rOaCNDGLQvoEnv3U2Y72mxK4advrzHpKBD:p6VmdMGV2lHY72MK7dXkBD

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cc3c9ef4c5c2c0e4091520ca53c133652cff3013408017f2c2d66a87e43f4d99
- Size
  
  501KB
- MD5
  
  70ba395b631e31f278ab7baf879e6218
- SHA1
  
  437d00c3e5cb573c416fdee88bb058c177f80736
- SHA256
  
  cc3c9ef4c5c2c0e4091520ca53c133652cff3013408017f2c2d66a87e43f4d99
- SHA512
  
  e60d6cce55daf9ad1760ac5322669e17f93f13c6c6adc0b25c77e4f4aaa0d5a63368e3b9d004cfbbe0687396e2367b2f75993aea9841fcd4a31d664be2ff2c12
- SSDEEP
  
  6144:pdNszUtPwxMqhqTpMjSFDWG1rOaCNDGLQvoEnv3U2Y72mxK4advrzHpKBD:p6VmdMGV2lHY72MK7dXkBD
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2