3864000bdce54306e787beb73fbb02642f7a539a2c255fc6e76dcbe2e685c733 | Triage

Sharing

General

Target

121.exe
Size

3.6MB
Sample

210113-8vznh37vy2
MD5

efb2808e93c3f53bdc896c2957cc9b87
SHA1

82fa8aa8a75a1194232ec186bb73266f7b76d56f
SHA256

3864000bdce54306e787beb73fbb02642f7a539a2c255fc6e76dcbe2e685c733
SHA512

9db24f6bac562b27512583362f00082d14aeb20a6dd10356c6fc154ef467ae1121bf317e782d017f16e7b7e8cbd1859d82494308c2bfb5b3ff5975c53c0cd6c2

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  121.exe
- Size
  
  3.6MB
- MD5
  
  efb2808e93c3f53bdc896c2957cc9b87
- SHA1
  
  82fa8aa8a75a1194232ec186bb73266f7b76d56f
- SHA256
  
  3864000bdce54306e787beb73fbb02642f7a539a2c255fc6e76dcbe2e685c733
- SHA512
  
  9db24f6bac562b27512583362f00082d14aeb20a6dd10356c6fc154ef467ae1121bf317e782d017f16e7b7e8cbd1859d82494308c2bfb5b3ff5975c53c0cd6c2
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2