b9cc26f6cc30942c0f54134fd8ff95c87d0c63a74bc57c6724603ec63e4d94e2 | Triage

Sharing

General

Target

b9cc26f6cc30942c0f54134fd8ff95c87d0c63a74bc57c6724603ec63e4d94e2
Size

249KB
Sample

221206-p686taae47
MD5

4011c591946de4c19898e1c5e54f0aa4
SHA1

5210204058d35f1c53cd278eee34a5b6f327e9df
SHA256

b9cc26f6cc30942c0f54134fd8ff95c87d0c63a74bc57c6724603ec63e4d94e2
SHA512

b9a6e72c0e3948c8f8e585390857d4e9eeedac3d13bb3e6b459f232abac0ff5b3818836c4f8417dbbff2d032e276c08fca3be054b07dd0cd605f3d5645e311a5
SSDEEP

6144:eWq8/eR6p0yN90QE1BRYU+d0rwqR6M3hIPk:L/eBy905RP+d0Eq48N

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b9cc26f6cc30942c0f54134fd8ff95c87d0c63a74bc57c6724603ec63e4d94e2
- Size
  
  249KB
- MD5
  
  4011c591946de4c19898e1c5e54f0aa4
- SHA1
  
  5210204058d35f1c53cd278eee34a5b6f327e9df
- SHA256
  
  b9cc26f6cc30942c0f54134fd8ff95c87d0c63a74bc57c6724603ec63e4d94e2
- SHA512
  
  b9a6e72c0e3948c8f8e585390857d4e9eeedac3d13bb3e6b459f232abac0ff5b3818836c4f8417dbbff2d032e276c08fca3be054b07dd0cd605f3d5645e311a5
- SSDEEP
  
  6144:eWq8/eR6p0yN90QE1BRYU+d0rwqR6M3hIPk:L/eBy905RP+d0Eq48N
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2