608876df58ef20d0c0586e42a87d9a423f1fcc23959bcb47055aadfb05739b91 | Triage

Sharing

General

Target

608876df58ef20d0c0586e42a87d9a423f1fcc23959bcb47055aadfb05739b91
Size

187KB
Sample

201108-mgzs2sx8b6
MD5

2c9525ae85eb7baac4af5107cc66c7a5
SHA1

db20b571beb9af2b436bd957469083210b08bdd6
SHA256

608876df58ef20d0c0586e42a87d9a423f1fcc23959bcb47055aadfb05739b91
SHA512

81f1abe3e922b4027d674765d8dc36b468b75afb33c9045f48b4cc5fe40ea992e8aaf8975dadad4c6684bc501728e1fd259062947f1adde19f9f585212aa0fc4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  608876df58ef20d0c0586e42a87d9a423f1fcc23959bcb47055aadfb05739b91
- Size
  
  187KB
- MD5
  
  2c9525ae85eb7baac4af5107cc66c7a5
- SHA1
  
  db20b571beb9af2b436bd957469083210b08bdd6
- SHA256
  
  608876df58ef20d0c0586e42a87d9a423f1fcc23959bcb47055aadfb05739b91
- SHA512
  
  81f1abe3e922b4027d674765d8dc36b468b75afb33c9045f48b4cc5fe40ea992e8aaf8975dadad4c6684bc501728e1fd259062947f1adde19f9f585212aa0fc4
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2