c72830cf086243d998ee4f8c734f8a0154e6b9d7bcddbd86c466648d05e4be20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c72830cf086243d998ee4f8c734f8a0154e6b9d7bcddbd86c466648d05e4be20
Size

306KB
Sample

221203-qnzebsgh61
MD5

dfbec6b3e7e4e41a7d036ecc8e7e4545
SHA1

cfcf3931dff44efc03efcf3f692745f09a8160ca
SHA256

c72830cf086243d998ee4f8c734f8a0154e6b9d7bcddbd86c466648d05e4be20
SHA512

00667317ff00cb4b46e54292a9ccd9728677c48d87500c1445a41c86f746e7645104d352ea58cc42618642a3d0ce5218346174b086faf80eb8b1f1914b16f3be
SSDEEP

6144:xp5Q1zw72KcSckK1ZOYLDHnc8hiskEBp+4gChFGDr:xp5Q1zw64cDr8u7kEBpOCzMr

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c72830cf086243d998ee4f8c734f8a0154e6b9d7bcddbd86c466648d05e4be20
- Size
  
  306KB
- MD5
  
  dfbec6b3e7e4e41a7d036ecc8e7e4545
- SHA1
  
  cfcf3931dff44efc03efcf3f692745f09a8160ca
- SHA256
  
  c72830cf086243d998ee4f8c734f8a0154e6b9d7bcddbd86c466648d05e4be20
- SHA512
  
  00667317ff00cb4b46e54292a9ccd9728677c48d87500c1445a41c86f746e7645104d352ea58cc42618642a3d0ce5218346174b086faf80eb8b1f1914b16f3be
- SSDEEP
  
  6144:xp5Q1zw72KcSckK1ZOYLDHnc8hiskEBp+4gChFGDr:xp5Q1zw64cDr8u7kEBpOCzMr
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2