7d90e1de880e7a2bec1f793cf1deca14533d0babecd085bdfa4db49bb5e50cb7 | Triage

Sharing

General

Target

7d90e1de880e7a2bec1f793cf1deca14533d0babecd085bdfa4db49bb5e50cb7
Size

460KB
Sample

221206-z3mthsge8y
MD5

a2546e26c5bf4dc5c5f3f3e173412618
SHA1

bbe054795a329a9e7bb874cd3714360d75ba7dfe
SHA256

7d90e1de880e7a2bec1f793cf1deca14533d0babecd085bdfa4db49bb5e50cb7
SHA512

95bf0a97ddf141642d46a64ce79a5f599de0147fd8b9a0fc90acdf00dbf983608cd762055a425e85750f061235f6f0919393a05d90e107fe380fbc1fa3640fb0
SSDEEP

12288:gggZ8iH5Pbd3bik6cT0MPJdpY6qVD6G8Jsyq0Sy22qw4Ea3Ygsfn7nRa:++4tbipCFS6qVD6GEsyqJ14a3+n9a

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7d90e1de880e7a2bec1f793cf1deca14533d0babecd085bdfa4db49bb5e50cb7
- Size
  
  460KB
- MD5
  
  a2546e26c5bf4dc5c5f3f3e173412618
- SHA1
  
  bbe054795a329a9e7bb874cd3714360d75ba7dfe
- SHA256
  
  7d90e1de880e7a2bec1f793cf1deca14533d0babecd085bdfa4db49bb5e50cb7
- SHA512
  
  95bf0a97ddf141642d46a64ce79a5f599de0147fd8b9a0fc90acdf00dbf983608cd762055a425e85750f061235f6f0919393a05d90e107fe380fbc1fa3640fb0
- SSDEEP
  
  12288:gggZ8iH5Pbd3bik6cT0MPJdpY6qVD6G8Jsyq0Sy22qw4Ea3Ygsfn7nRa:++4tbipCFS6qVD6GEsyqJ14a3+n9a
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2