ca2ab2eb8249afceb6b9f42bac54fe8635fb5ccbf4e497c35ed700d9dae1c2d1 | Triage

Sharing

General

Target

ca2ab2eb8249afceb6b9f42bac54fe8635fb5ccbf4e497c35ed700d9dae1c2d1
Size

127KB
Sample

210320-4xzgl2na6j
MD5

9babe52f985b2b4193113d5c260eb195
SHA1

b4b4772d485d7d4192774aca3a9c594f82717adb
SHA256

ca2ab2eb8249afceb6b9f42bac54fe8635fb5ccbf4e497c35ed700d9dae1c2d1
SHA512

61f41678334ea638dd3dc02d280739910d4b64cc31289c3f99bf41067bdfee1a9ab2114920b7b162862046b06d59d2bb6168557cc1a4463113a2ad00f526af8b

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ca2ab2eb8249afceb6b9f42bac54fe8635fb5ccbf4e497c35ed700d9dae1c2d1
- Size
  
  127KB
- MD5
  
  9babe52f985b2b4193113d5c260eb195
- SHA1
  
  b4b4772d485d7d4192774aca3a9c594f82717adb
- SHA256
  
  ca2ab2eb8249afceb6b9f42bac54fe8635fb5ccbf4e497c35ed700d9dae1c2d1
- SHA512
  
  61f41678334ea638dd3dc02d280739910d4b64cc31289c3f99bf41067bdfee1a9ab2114920b7b162862046b06d59d2bb6168557cc1a4463113a2ad00f526af8b
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2