bc7836735218ad2df5ef405c98656638f26b899d2c9806088d794ef9aaac08df | Triage

Sharing

General

Target

bc7836735218ad2df5ef405c98656638f26b899d2c9806088d794ef9aaac08df
Size

104KB
Sample

221203-rkl59sgc99
MD5

136864d60731fef1e93673c714547330
SHA1

8976325d66b8933022b71a5a4199f9454164ec0f
SHA256

bc7836735218ad2df5ef405c98656638f26b899d2c9806088d794ef9aaac08df
SHA512

89c7d1ae5ca0785e23cb8855d8d7221fc1c9d4f7a002c32471c7232796673b532000f9b3bf40427acdbd2e4f043ab53528749af5423ace1f4bc252fd99d6329b
SSDEEP

1536:RLHT7gb3xn0dHoRnX3/wkBiGpRiWKXs4T4:xfUBcoRnXPwciAEWKXsC4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bc7836735218ad2df5ef405c98656638f26b899d2c9806088d794ef9aaac08df
- Size
  
  104KB
- MD5
  
  136864d60731fef1e93673c714547330
- SHA1
  
  8976325d66b8933022b71a5a4199f9454164ec0f
- SHA256
  
  bc7836735218ad2df5ef405c98656638f26b899d2c9806088d794ef9aaac08df
- SHA512
  
  89c7d1ae5ca0785e23cb8855d8d7221fc1c9d4f7a002c32471c7232796673b532000f9b3bf40427acdbd2e4f043ab53528749af5423ace1f4bc252fd99d6329b
- SSDEEP
  
  1536:RLHT7gb3xn0dHoRnX3/wkBiGpRiWKXs4T4:xfUBcoRnXPwciAEWKXsC4
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2