bc77acb3b3079ba45c7d7bdc23cadb7f082ae19314e5c33e487712d7cb5d9570 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc77acb3b3079ba45c7d7bdc23cadb7f082ae19314e5c33e487712d7cb5d9570
Size

188KB
Sample

221203-ym2r3aee4y
MD5

e2dfeedddcad222a0edb6e4a9b5205a4
SHA1

28b295ca49a0ad53781268d1c3e8d27d2234906d
SHA256

bc77acb3b3079ba45c7d7bdc23cadb7f082ae19314e5c33e487712d7cb5d9570
SHA512

4d11e449ebca7fafd21695344b09cad1978c1805f1bc104678450dd8305247890d0b9b4e2299bb2a1c5cf5ca744e57181fb9a6d0181d74d8ea8052e2109cd8c4
SSDEEP

3072:hxAyNAeOYtRDbbUWPe2kosiRspAeYsqXCJupklH9JklY:hKqATYrD/3spVjqCupkjJkl

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bc77acb3b3079ba45c7d7bdc23cadb7f082ae19314e5c33e487712d7cb5d9570
- Size
  
  188KB
- MD5
  
  e2dfeedddcad222a0edb6e4a9b5205a4
- SHA1
  
  28b295ca49a0ad53781268d1c3e8d27d2234906d
- SHA256
  
  bc77acb3b3079ba45c7d7bdc23cadb7f082ae19314e5c33e487712d7cb5d9570
- SHA512
  
  4d11e449ebca7fafd21695344b09cad1978c1805f1bc104678450dd8305247890d0b9b4e2299bb2a1c5cf5ca744e57181fb9a6d0181d74d8ea8052e2109cd8c4
- SSDEEP
  
  3072:hxAyNAeOYtRDbbUWPe2kosiRspAeYsqXCJupklH9JklY:hKqATYrD/3spVjqCupkjJkl
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2