5a5f2492ced1c16f5decd7a0a94a2f9d8013c26f8da58d864cf16abb61b4315f | Triage

Sharing

General

Target

5a5f2492ced1c16f5decd7a0a94a2f9d8013c26f8da58d864cf16abb61b4315f
Size

296KB
Sample

221206-rc9atsdg92
MD5

40ebee5a3d129c29e04d2907e4f282b1
SHA1

b830aee4f5dfc4acdf73abca6bbef1fc8b157289
SHA256

5a5f2492ced1c16f5decd7a0a94a2f9d8013c26f8da58d864cf16abb61b4315f
SHA512

e5d32f5727ccc912c5d271cee19ebc968a9b7fbb5dffe0d1177ac0358e03347b8af0abe4c21468aba0db43dfed5d44fdf03751ec85b49830cbb24665da69f3d4
SSDEEP

6144:Zw02VPodI+qWXgTSlSWbSyCEwRL/ztRPE4sl9UwL4EqGXbQgIn:YxgI+jXblSbNVztRPq4cqGXL

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5a5f2492ced1c16f5decd7a0a94a2f9d8013c26f8da58d864cf16abb61b4315f
- Size
  
  296KB
- MD5
  
  40ebee5a3d129c29e04d2907e4f282b1
- SHA1
  
  b830aee4f5dfc4acdf73abca6bbef1fc8b157289
- SHA256
  
  5a5f2492ced1c16f5decd7a0a94a2f9d8013c26f8da58d864cf16abb61b4315f
- SHA512
  
  e5d32f5727ccc912c5d271cee19ebc968a9b7fbb5dffe0d1177ac0358e03347b8af0abe4c21468aba0db43dfed5d44fdf03751ec85b49830cbb24665da69f3d4
- SSDEEP
  
  6144:Zw02VPodI+qWXgTSlSWbSyCEwRL/ztRPE4sl9UwL4EqGXbQgIn:YxgI+jXblSbNVztRPq4cqGXL
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2