afc0f365ac622d85f00dcc5ca734f78f384a15ed4d25cf7029c4341af535c1f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afc0f365ac622d85f00dcc5ca734f78f384a15ed4d25cf7029c4341af535c1f6
Size

150KB
Sample

221205-kt9vcshb2t
MD5

3a1360f2779eeb5dbbe6ebfcb555010d
SHA1

0253ade1d727d2934046c42269ebf9057a940158
SHA256

afc0f365ac622d85f00dcc5ca734f78f384a15ed4d25cf7029c4341af535c1f6
SHA512

7e007831e29c5535d84a68bb758cf4ba3c932c121ac1f6ed5d6b2111523123afbfc3eafa41cd85bd09c4a4e56f80b59931065c875d8cbf98e46bca2a433f7b63
SSDEEP

3072:jw9fuuSnpWt6TyNLaQWoU82IZOo6EwBjq:jw9AnQ6T4JhTZOoz

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  afc0f365ac622d85f00dcc5ca734f78f384a15ed4d25cf7029c4341af535c1f6
- Size
  
  150KB
- MD5
  
  3a1360f2779eeb5dbbe6ebfcb555010d
- SHA1
  
  0253ade1d727d2934046c42269ebf9057a940158
- SHA256
  
  afc0f365ac622d85f00dcc5ca734f78f384a15ed4d25cf7029c4341af535c1f6
- SHA512
  
  7e007831e29c5535d84a68bb758cf4ba3c932c121ac1f6ed5d6b2111523123afbfc3eafa41cd85bd09c4a4e56f80b59931065c875d8cbf98e46bca2a433f7b63
- SSDEEP
  
  3072:jw9fuuSnpWt6TyNLaQWoU82IZOo6EwBjq:jw9AnQ6T4JhTZOoz
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2