946899e5c04546963addf5e384c656fa138fad3972ccd7de54bfd623de4f149a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

946899e5c04546963addf5e384c656fa138fad3972ccd7de54bfd623de4f149a
Size

335KB
Sample

221206-ashdlsec4t
MD5

54146c020d991c1d88887f531b824bf6
SHA1

ff952191109c3ba612c0156a8b1c96674805d201
SHA256

946899e5c04546963addf5e384c656fa138fad3972ccd7de54bfd623de4f149a
SHA512

5ce717ae8e10a22d4e173ef3cc88c9f976a5408ff822db3c72eb6e99e9f0ffc26f8d506e2fdbe0d4057a1987b8bede882dc80cc04ed3421576e3f7992207229d
SSDEEP

6144:7DXDvsQnb8iRqNx7rYx+UG6yb1nGdLR97h3UXd7qbmU4Sbt:7DXDVnbBqNuxF/s1GRR97h3UtmbmU4Sp

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  946899e5c04546963addf5e384c656fa138fad3972ccd7de54bfd623de4f149a
- Size
  
  335KB
- MD5
  
  54146c020d991c1d88887f531b824bf6
- SHA1
  
  ff952191109c3ba612c0156a8b1c96674805d201
- SHA256
  
  946899e5c04546963addf5e384c656fa138fad3972ccd7de54bfd623de4f149a
- SHA512
  
  5ce717ae8e10a22d4e173ef3cc88c9f976a5408ff822db3c72eb6e99e9f0ffc26f8d506e2fdbe0d4057a1987b8bede882dc80cc04ed3421576e3f7992207229d
- SSDEEP
  
  6144:7DXDvsQnb8iRqNx7rYx+UG6yb1nGdLR97h3UXd7qbmU4Sbt:7DXDVnbBqNuxF/s1GRR97h3UtmbmU4Sp
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2