b9fb5289de82d44893f8e1b71d2140a92436852e1b386874f91889131bafc767 | Triage

Sharing

General

Target

b9fb5289de82d44893f8e1b71d2140a92436852e1b386874f91889131bafc767
Size

378KB
Sample

221203-rse2xsce2s
MD5

e6793f83747d2053b09298793c746a37
SHA1

8ecb2cb194efb58b7e6cd095e8889d329eb378e5
SHA256

b9fb5289de82d44893f8e1b71d2140a92436852e1b386874f91889131bafc767
SHA512

33ffc4d03fd4b0d784d85d94773f996e910d249f83a73fc63bea32f012d9fb4b08d695e11179b738a06c5d091139bc3c7dc38f59e872fab50961ce9eca9d1ccb
SSDEEP

6144:9GnWWZnUWJt0fTxgBwfM8pWc1f63pxdR/qZiwDlpqa2qqL0th4vEd:SWCtBn8fBcxdMZ7hMDFuhIEd

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b9fb5289de82d44893f8e1b71d2140a92436852e1b386874f91889131bafc767
- Size
  
  378KB
- MD5
  
  e6793f83747d2053b09298793c746a37
- SHA1
  
  8ecb2cb194efb58b7e6cd095e8889d329eb378e5
- SHA256
  
  b9fb5289de82d44893f8e1b71d2140a92436852e1b386874f91889131bafc767
- SHA512
  
  33ffc4d03fd4b0d784d85d94773f996e910d249f83a73fc63bea32f012d9fb4b08d695e11179b738a06c5d091139bc3c7dc38f59e872fab50961ce9eca9d1ccb
- SSDEEP
  
  6144:9GnWWZnUWJt0fTxgBwfM8pWc1f63pxdR/qZiwDlpqa2qqL0th4vEd:SWCtBn8fBcxdMZ7hMDFuhIEd
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2