a6123788bae6b27293feeb3829e57008650f439952acebb95993dba31251a3b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6123788bae6b27293feeb3829e57008650f439952acebb95993dba31251a3b4
Size

689KB
Sample

221204-aenngahe58
MD5

c3e915a89bb35fdaae815721d0efedfd
SHA1

348624bf6077a241641d5c6018049c7d0f9edcf3
SHA256

a6123788bae6b27293feeb3829e57008650f439952acebb95993dba31251a3b4
SHA512

8c8d9fc4e6059727ad8a3749cfb51f74d11f4727e2eaebc6a2f2343462f28ee07536e81ea693882b2a98604740085d95323def6d7006d56b5ed0aba96bbef69f
SSDEEP

12288:gzBSh/buFYgHFYh7P0gA/V0nlA45Uc98D6DGRtT8ZaTzthgA:gwxEYgHI78g+0nHC0aTzUA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a6123788bae6b27293feeb3829e57008650f439952acebb95993dba31251a3b4
- Size
  
  689KB
- MD5
  
  c3e915a89bb35fdaae815721d0efedfd
- SHA1
  
  348624bf6077a241641d5c6018049c7d0f9edcf3
- SHA256
  
  a6123788bae6b27293feeb3829e57008650f439952acebb95993dba31251a3b4
- SHA512
  
  8c8d9fc4e6059727ad8a3749cfb51f74d11f4727e2eaebc6a2f2343462f28ee07536e81ea693882b2a98604740085d95323def6d7006d56b5ed0aba96bbef69f
- SSDEEP
  
  12288:gzBSh/buFYgHFYh7P0gA/V0nlA45Uc98D6DGRtT8ZaTzthgA:gwxEYgHI78g+0nHC0aTzUA
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2