ce2bce5108873c53a73fcc79d5354974abadbf876d61a6b8977e6102a50ad506 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce2bce5108873c53a73fcc79d5354974abadbf876d61a6b8977e6102a50ad506
Size

144KB
Sample

221205-f4641aea5s
MD5

8c997c6765db765812f7e8465b9bbb53
SHA1

35dec0849035683e56526592b235ff5a6b297463
SHA256

ce2bce5108873c53a73fcc79d5354974abadbf876d61a6b8977e6102a50ad506
SHA512

a5745326135993e4c4623c8e55fcc39bab40cf2c4e7af883c27c09dc64cd47028f3734bb2643250508149b37c64f0590a03b2156ace727b54cc948cc2854ea3c
SSDEEP

3072:+a83WAGtIH+8EcRoBsWbye4xpju6lQV/oi+Sdq:+3Oi8pt2/Qqk

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ce2bce5108873c53a73fcc79d5354974abadbf876d61a6b8977e6102a50ad506
- Size
  
  144KB
- MD5
  
  8c997c6765db765812f7e8465b9bbb53
- SHA1
  
  35dec0849035683e56526592b235ff5a6b297463
- SHA256
  
  ce2bce5108873c53a73fcc79d5354974abadbf876d61a6b8977e6102a50ad506
- SHA512
  
  a5745326135993e4c4623c8e55fcc39bab40cf2c4e7af883c27c09dc64cd47028f3734bb2643250508149b37c64f0590a03b2156ace727b54cc948cc2854ea3c
- SSDEEP
  
  3072:+a83WAGtIH+8EcRoBsWbye4xpju6lQV/oi+Sdq:+3Oi8pt2/Qqk
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2