c62adca75fef1bb4e50cfeb13ac43c22d1a445799eb58bf8ff8dd372d7e59069 | Triage

Sharing

General

Target

c62adca75fef1bb4e50cfeb13ac43c22d1a445799eb58bf8ff8dd372d7e59069
Size

168KB
Sample

221203-qjmjzadb62
MD5

86199759bd758d2afd7a48930a52d9e5
SHA1

15d39bfc6dc27cafed9992cca498ed57f85f9255
SHA256

c62adca75fef1bb4e50cfeb13ac43c22d1a445799eb58bf8ff8dd372d7e59069
SHA512

8eab695b954a984679690b627a95a748085f1e28716b1f5a7b0ebb87a8e93c485e6e8f05cff4f9a67b08ec3bfdf4b4a8822938572ee8c62e043b119dad2c8bcd
SSDEEP

3072:IyWVsYNP0kKBQnGuDPyhltDCbTO+0o8aiGVx+4qrVGq1Ywt:Is8nR7+h4liGX+1rVGq1

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c62adca75fef1bb4e50cfeb13ac43c22d1a445799eb58bf8ff8dd372d7e59069
- Size
  
  168KB
- MD5
  
  86199759bd758d2afd7a48930a52d9e5
- SHA1
  
  15d39bfc6dc27cafed9992cca498ed57f85f9255
- SHA256
  
  c62adca75fef1bb4e50cfeb13ac43c22d1a445799eb58bf8ff8dd372d7e59069
- SHA512
  
  8eab695b954a984679690b627a95a748085f1e28716b1f5a7b0ebb87a8e93c485e6e8f05cff4f9a67b08ec3bfdf4b4a8822938572ee8c62e043b119dad2c8bcd
- SSDEEP
  
  3072:IyWVsYNP0kKBQnGuDPyhltDCbTO+0o8aiGVx+4qrVGq1Ywt:Is8nR7+h4liGX+1rVGq1
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2