a1d3a0f83c829bd673c5f3e3616c8218262e70246a8623b3b90d37140191e792 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1d3a0f83c829bd673c5f3e3616c8218262e70246a8623b3b90d37140191e792
Size

88KB
Sample

221203-xk8l6afe23
MD5

7c3b2f9a328d24c010d1ccb77f4b9888
SHA1

155e69b0c046fb2b291413e29117433a2ee6d95d
SHA256

a1d3a0f83c829bd673c5f3e3616c8218262e70246a8623b3b90d37140191e792
SHA512

204aea54e4f9087ffe0ab6eb7095c2f58e2823849758645f3734d4e39f9cb27e4166ea1fe0a52cf89b0e4aae056e8df977146e2a2273770a86964cf91f127686
SSDEEP

1536:G5GJEhlcbW5sk1BlfLvveIbXWm+nwN6JdKs5g7ZNhAY8fjoegdeD2aGgd9caV/0B:8Gu9BlfzWIbXWm+w0Jd5uNhAY88tdeKh

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a1d3a0f83c829bd673c5f3e3616c8218262e70246a8623b3b90d37140191e792
- Size
  
  88KB
- MD5
  
  7c3b2f9a328d24c010d1ccb77f4b9888
- SHA1
  
  155e69b0c046fb2b291413e29117433a2ee6d95d
- SHA256
  
  a1d3a0f83c829bd673c5f3e3616c8218262e70246a8623b3b90d37140191e792
- SHA512
  
  204aea54e4f9087ffe0ab6eb7095c2f58e2823849758645f3734d4e39f9cb27e4166ea1fe0a52cf89b0e4aae056e8df977146e2a2273770a86964cf91f127686
- SSDEEP
  
  1536:G5GJEhlcbW5sk1BlfLvveIbXWm+nwN6JdKs5g7ZNhAY8fjoegdeD2aGgd9caV/0B:8Gu9BlfzWIbXWm+w0Jd5uNhAY88tdeKh
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2