358a5079b824548ef87fcf89d3e4b5284e780edc4de8a450f3e51878d1290eca | Triage

Sharing

General

Target

358a5079b824548ef87fcf89d3e4b5284e780edc4de8a450f3e51878d1290eca.exe
Size

394KB
Sample

220127-n6wp2sccal
MD5

7fcbff331b40e7edcd4985a65a9ab621
SHA1

9f420992112f832fbada4b258aa9132f2f4e798d
SHA256

358a5079b824548ef87fcf89d3e4b5284e780edc4de8a450f3e51878d1290eca
SHA512

1fd41c11bd30962be2421a08175797d9da83c98dc7f0424fdfea92bb3fd8ddd316e40a57944d56e72aeeb19809720fadd1c89c2affb3c87ba89ef754b24a2576

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://chocolatey.org/7za.exe

Targets

- Target
  
  358a5079b824548ef87fcf89d3e4b5284e780edc4de8a450f3e51878d1290eca.exe
- Size
  
  394KB
- MD5
  
  7fcbff331b40e7edcd4985a65a9ab621
- SHA1
  
  9f420992112f832fbada4b258aa9132f2f4e798d
- SHA256
  
  358a5079b824548ef87fcf89d3e4b5284e780edc4de8a450f3e51878d1290eca
- SHA512
  
  1fd41c11bd30962be2421a08175797d9da83c98dc7f0424fdfea92bb3fd8ddd316e40a57944d56e72aeeb19809720fadd1c89c2affb3c87ba89ef754b24a2576
Score

10^/10
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2