aa3f4afcaf15d8bee98661477621b34e1ffb65518ed7d957bee111b5268efa52 | Triage

Sharing

General

Target

aa3f4afcaf15d8bee98661477621b34e1ffb65518ed7d957bee111b5268efa52
Size

95KB
Sample

221205-hezpqsab8s
MD5

5809c8a264cec4fdafd1e2609be7c2d1
SHA1

7e37aeeb13da09f1ae6af6ebacad954b3e9275e2
SHA256

aa3f4afcaf15d8bee98661477621b34e1ffb65518ed7d957bee111b5268efa52
SHA512

654a3a1e5138331b64cbddc3f20e9decbe1321a8d5dfb2407b8f2414e5c6ccb2195be6c8a8eddfb2a0f72b06400d6e36874f852b109fb78f041273259bc27a57
SSDEEP

1536:ZhA1zUNC143aup/xVl0ghwnUn+mwM/+lNLUsI5MXHTl8cWBb92iyTWQzAaGNI:ZGOCmNJV+tW+g+vUsIOhjM92bLzAtN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  aa3f4afcaf15d8bee98661477621b34e1ffb65518ed7d957bee111b5268efa52
- Size
  
  95KB
- MD5
  
  5809c8a264cec4fdafd1e2609be7c2d1
- SHA1
  
  7e37aeeb13da09f1ae6af6ebacad954b3e9275e2
- SHA256
  
  aa3f4afcaf15d8bee98661477621b34e1ffb65518ed7d957bee111b5268efa52
- SHA512
  
  654a3a1e5138331b64cbddc3f20e9decbe1321a8d5dfb2407b8f2414e5c6ccb2195be6c8a8eddfb2a0f72b06400d6e36874f852b109fb78f041273259bc27a57
- SSDEEP
  
  1536:ZhA1zUNC143aup/xVl0ghwnUn+mwM/+lNLUsI5MXHTl8cWBb92iyTWQzAaGNI:ZGOCmNJV+tW+g+vUsIOhjM92bLzAtN
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2