49fc3ac3e2f2737dfac36b8daca0e77d842e4909cec5f5aad4c56667c0303b51 | Triage

Submit
Reports

Overview

overview

8

Static

static

5

49fc3ac3e2...51.exe

windows7_x64

8

49fc3ac3e2...51.exe

windows10-2004_x64

8

Sharing

General

Target

49fc3ac3e2f2737dfac36b8daca0e77d842e4909cec5f5aad4c56667c0303b51
Size

1.2MB
Sample

220712-scab6sfabq
MD5

597f6110fa73a2bad89341afed59cd97
SHA1

f17fe429934d5f23219aa3fda89e078efbd9daf1
SHA256

49fc3ac3e2f2737dfac36b8daca0e77d842e4909cec5f5aad4c56667c0303b51
SHA512

606b1a3d1b21635a1bf2f7a06ead437bedd00797489a88196108c93037d57f8d26c2db825cdb5ebbd6a7d5e7167f1313c2f597c6ea5c007b8aa581bee64cb9ea

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

49fc3ac3e2f2737dfac36b8daca0e77d842e4909cec5f5aad4c56667c0303b51.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

49fc3ac3e2f2737dfac36b8daca0e77d842e4909cec5f5aad4c56667c0303b51.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  49fc3ac3e2f2737dfac36b8daca0e77d842e4909cec5f5aad4c56667c0303b51
- Size
  
  1.2MB
- MD5
  
  597f6110fa73a2bad89341afed59cd97
- SHA1
  
  f17fe429934d5f23219aa3fda89e078efbd9daf1
- SHA256
  
  49fc3ac3e2f2737dfac36b8daca0e77d842e4909cec5f5aad4c56667c0303b51
- SHA512
  
  606b1a3d1b21635a1bf2f7a06ead437bedd00797489a88196108c93037d57f8d26c2db825cdb5ebbd6a7d5e7167f1313c2f597c6ea5c007b8aa581bee64cb9ea
Score

8^/10
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy