ba01c14c3aa0020cfe309e187344ad97d722674e36d2b4df808796fd6636cde6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba01c14c3aa0020cfe309e187344ad97d722674e36d2b4df808796fd6636cde6
Size

267KB
Sample

221206-qa6aqaah28
MD5

ef8f44296f7372056a9d6c0f27433491
SHA1

5099f04bfb12c063c80016e81382908d6681b5ae
SHA256

ba01c14c3aa0020cfe309e187344ad97d722674e36d2b4df808796fd6636cde6
SHA512

19079fcb3308546626ce21612f957e939194e04367325a2fa0c482c29e3968fc8d6f80b7a6636636f7e5c7e15a3af4c3ab8391f0e2dbd57f87b35369acd5c7a9
SSDEEP

6144:UtDowBWvvuQBBWi/uTSvwwOJ8MAdHLkPdLWTISe3/5:p3vRBWauGYVUYgev5

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ba01c14c3aa0020cfe309e187344ad97d722674e36d2b4df808796fd6636cde6
- Size
  
  267KB
- MD5
  
  ef8f44296f7372056a9d6c0f27433491
- SHA1
  
  5099f04bfb12c063c80016e81382908d6681b5ae
- SHA256
  
  ba01c14c3aa0020cfe309e187344ad97d722674e36d2b4df808796fd6636cde6
- SHA512
  
  19079fcb3308546626ce21612f957e939194e04367325a2fa0c482c29e3968fc8d6f80b7a6636636f7e5c7e15a3af4c3ab8391f0e2dbd57f87b35369acd5c7a9
- SSDEEP
  
  6144:UtDowBWvvuQBBWi/uTSvwwOJ8MAdHLkPdLWTISe3/5:p3vRBWauGYVUYgev5
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2