ed582ddeb02c93a1504ce9f32c21aa99316dce82efd1c76333c28b91cfec2753 | Triage

Sharing

General

Target

ed582ddeb02c93a1504ce9f32c21aa99316dce82efd1c76333c28b91cfec2753
Size

148KB
Sample

221206-r1nc9sag9z
MD5

f2e8df4688fea6d7822fadd8c7e137a5
SHA1

b247474c9b7a9a122fa54107c588b80c92f6b20a
SHA256

ed582ddeb02c93a1504ce9f32c21aa99316dce82efd1c76333c28b91cfec2753
SHA512

f41b13b3fa66cc06b3ad2eb386e032cc037f9c67b40c459d511971017b241ec1ff0ab475ae090ae075e0889d32ad7422837fa0243b33e0ec6ffca5841cd0992d
SSDEEP

3072:yTInoF0+6Fkg9fErUgFGFpKIatphmbxe/poZyUzjODYDYEF4kLJnPyj:yTInx+OV9srUgIFpKvtHporjLFi

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ed582ddeb02c93a1504ce9f32c21aa99316dce82efd1c76333c28b91cfec2753
- Size
  
  148KB
- MD5
  
  f2e8df4688fea6d7822fadd8c7e137a5
- SHA1
  
  b247474c9b7a9a122fa54107c588b80c92f6b20a
- SHA256
  
  ed582ddeb02c93a1504ce9f32c21aa99316dce82efd1c76333c28b91cfec2753
- SHA512
  
  f41b13b3fa66cc06b3ad2eb386e032cc037f9c67b40c459d511971017b241ec1ff0ab475ae090ae075e0889d32ad7422837fa0243b33e0ec6ffca5841cd0992d
- SSDEEP
  
  3072:yTInoF0+6Fkg9fErUgFGFpKIatphmbxe/poZyUzjODYDYEF4kLJnPyj:yTInx+OV9srUgIFpKvtHporjLFi
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2