88f12ab73ac0ec94682e626ad062c769df495ad930ef36598cb7041a41c59722 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88f12ab73ac0ec94682e626ad062c769df495ad930ef36598cb7041a41c59722
Size

310KB
Sample

221204-jqv2csea3v
MD5

0391ceef86887edadca057904b588570
SHA1

ef07326b600dfa8112a33393b8b720270927a205
SHA256

88f12ab73ac0ec94682e626ad062c769df495ad930ef36598cb7041a41c59722
SHA512

1d997968732c28f6f525a6536baffd3c94bc6a9ba8165ac5aa666fb8e309935af81c5d04b27fab174984509d9a62ad767bdb54862274bd6fc02dc4adb3412f5e
SSDEEP

6144:WcvltKea0aKaeOwwZmzP7KUo95beRE9/1pRM6GetqUxaG:WcThbvSmb7Bo95be43RM6GeIUX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  88f12ab73ac0ec94682e626ad062c769df495ad930ef36598cb7041a41c59722
- Size
  
  310KB
- MD5
  
  0391ceef86887edadca057904b588570
- SHA1
  
  ef07326b600dfa8112a33393b8b720270927a205
- SHA256
  
  88f12ab73ac0ec94682e626ad062c769df495ad930ef36598cb7041a41c59722
- SHA512
  
  1d997968732c28f6f525a6536baffd3c94bc6a9ba8165ac5aa666fb8e309935af81c5d04b27fab174984509d9a62ad767bdb54862274bd6fc02dc4adb3412f5e
- SSDEEP
  
  6144:WcvltKea0aKaeOwwZmzP7KUo95beRE9/1pRM6GetqUxaG:WcThbvSmb7Bo95be43RM6GeIUX
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2