74d25dca3fe6cc1dace781352d169dd27d2c2aad4f0756d7566d2ef9cdb1cc14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74d25dca3fe6cc1dace781352d169dd27d2c2aad4f0756d7566d2ef9cdb1cc14
Size

345KB
Sample

221203-xd65raad9x
MD5

4a1b7997ae11a8ef524a7cd9ea51304c
SHA1

03885cd1c5c4ca8280b5184e8414e273e1e99b62
SHA256

74d25dca3fe6cc1dace781352d169dd27d2c2aad4f0756d7566d2ef9cdb1cc14
SHA512

d2327db315452cb37f09861bb0d479aa9160c778ee958ad66a86293ed818f1a0983b470bbb98d22705a819bcf4fbf359afc9475d0e220e99978a943182dfd1fb
SSDEEP

6144:a85P5Yi7fK/MN6CoPws9lf+qYGMy4LiRCwsvqkq6D7QuW:N70JCSwYlrZEizwD7QuW

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  74d25dca3fe6cc1dace781352d169dd27d2c2aad4f0756d7566d2ef9cdb1cc14
- Size
  
  345KB
- MD5
  
  4a1b7997ae11a8ef524a7cd9ea51304c
- SHA1
  
  03885cd1c5c4ca8280b5184e8414e273e1e99b62
- SHA256
  
  74d25dca3fe6cc1dace781352d169dd27d2c2aad4f0756d7566d2ef9cdb1cc14
- SHA512
  
  d2327db315452cb37f09861bb0d479aa9160c778ee958ad66a86293ed818f1a0983b470bbb98d22705a819bcf4fbf359afc9475d0e220e99978a943182dfd1fb
- SSDEEP
  
  6144:a85P5Yi7fK/MN6CoPws9lf+qYGMy4LiRCwsvqkq6D7QuW:N70JCSwYlrZEizwD7QuW
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2