cc9ff64e31ecad707d1e395f65fe6616299736c18418798c38e4c789c47c36ea | Triage

Sharing

General

Target

cc9ff64e31ecad707d1e395f65fe6616299736c18418798c38e4c789c47c36ea
Size

124KB
Sample

221206-yfbx3abb8z
MD5

afa7a010da6ed78a43780f5aba66f1d1
SHA1

38ee00346262ca90eaa1fed6782ef1d1d3f944b9
SHA256

cc9ff64e31ecad707d1e395f65fe6616299736c18418798c38e4c789c47c36ea
SHA512

8d34d2f9130227714deaf26a378a636412ca35d53b371ef7013422b20b5ee079db9c848034d8642f17a75128a5ae3cf5ecca0a852a178e29298d5b158231ba1f
SSDEEP

1536:vXYOvhCoMhWBS0ZJL/FwDt1Go4bEmHRkbHS+5pweJWYgkUW0TjzIbVCF6iN6l886:vXhlMhgB/L64bHiHNweJ0TEVC0jl88wR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cc9ff64e31ecad707d1e395f65fe6616299736c18418798c38e4c789c47c36ea
- Size
  
  124KB
- MD5
  
  afa7a010da6ed78a43780f5aba66f1d1
- SHA1
  
  38ee00346262ca90eaa1fed6782ef1d1d3f944b9
- SHA256
  
  cc9ff64e31ecad707d1e395f65fe6616299736c18418798c38e4c789c47c36ea
- SHA512
  
  8d34d2f9130227714deaf26a378a636412ca35d53b371ef7013422b20b5ee079db9c848034d8642f17a75128a5ae3cf5ecca0a852a178e29298d5b158231ba1f
- SSDEEP
  
  1536:vXYOvhCoMhWBS0ZJL/FwDt1Go4bEmHRkbHS+5pweJWYgkUW0TjzIbVCF6iN6l886:vXhlMhgB/L64bHiHNweJ0TEVC0jl88wR
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2