450f7d91e80c562310d464e2d0cebaa1ca6e0c475b29dda096fdeee69343701d | Triage

Sharing

General

Target

Booking.exe
Size

760KB
Sample

210113-qd2y73631x
MD5

be4013ed4e9fc8135904614cc4cba168
SHA1

bdebf68b92cc39ed4c6013f69dafefcdd09385d3
SHA256

450f7d91e80c562310d464e2d0cebaa1ca6e0c475b29dda096fdeee69343701d
SHA512

c0702434f0888e19a281412ce69eaec88b5cef8a0b551071e0ddf3c6e47113319e69ee0b2c303db2c3b5e19ec85189e21b2daca8a2fc661063f4c25141282861

Score

5^/10

Malware Config

Targets

- Target
  
  Booking.exe
- Size
  
  760KB
- MD5
  
  be4013ed4e9fc8135904614cc4cba168
- SHA1
  
  bdebf68b92cc39ed4c6013f69dafefcdd09385d3
- SHA256
  
  450f7d91e80c562310d464e2d0cebaa1ca6e0c475b29dda096fdeee69343701d
- SHA512
  
  c0702434f0888e19a281412ce69eaec88b5cef8a0b551071e0ddf3c6e47113319e69ee0b2c303db2c3b5e19ec85189e21b2daca8a2fc661063f4c25141282861
Score

5^/10
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2