c54249746cc80ae306b19229e874e4543b9e5e2a4929b511af892f4fb1203e30 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c54249746cc80ae306b19229e874e4543b9e5e2a4929b511af892f4fb1203e30
Size

55KB
Sample

221204-qg418sfg2y
MD5

3f2444e69a32cd51503c1ec504d5a9ae
SHA1

7f4ca95145fcc7fc4b39bd9f4c1afd686f018097
SHA256

c54249746cc80ae306b19229e874e4543b9e5e2a4929b511af892f4fb1203e30
SHA512

88b7f3ab12d6130571b5568e71d387f85acecb54b142eda73df285c295c38e728811bf747cffc6e5ddecc1649e463a3e315eb2573724cd1c9d3ce1ac8ac50d96
SSDEEP

768:zYkO6eNoWyR3UwBMlipQndrClCdeN4O+joq5kIESieXmd:gFqMlipQUUs4Fp5xESz2d

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c54249746cc80ae306b19229e874e4543b9e5e2a4929b511af892f4fb1203e30
- Size
  
  55KB
- MD5
  
  3f2444e69a32cd51503c1ec504d5a9ae
- SHA1
  
  7f4ca95145fcc7fc4b39bd9f4c1afd686f018097
- SHA256
  
  c54249746cc80ae306b19229e874e4543b9e5e2a4929b511af892f4fb1203e30
- SHA512
  
  88b7f3ab12d6130571b5568e71d387f85acecb54b142eda73df285c295c38e728811bf747cffc6e5ddecc1649e463a3e315eb2573724cd1c9d3ce1ac8ac50d96
- SSDEEP
  
  768:zYkO6eNoWyR3UwBMlipQndrClCdeN4O+joq5kIESieXmd:gFqMlipQUUs4Fp5xESz2d
Score

8^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2