af97fde8931fbbcf9effb00c7987927416dacfc74bbac77eba6199b5d7dbfd1e | Triage

Sharing

General

Target

af97fde8931fbbcf9effb00c7987927416dacfc74bbac77eba6199b5d7dbfd1e
Size

2.5MB
Sample

220919-2bq3zabfc8
MD5

0119f6316586f89f83c24254c6927dd9
SHA1

eb462b622d6038638889154839238105a17f508b
SHA256

af97fde8931fbbcf9effb00c7987927416dacfc74bbac77eba6199b5d7dbfd1e
SHA512

f864b04c6906abd03db89d85d9fde4cf7a35078fac9dbc51ba2285adc8bbc4e5d46cb351b4d6ad59bf04949ec851571f655a09fb2322709c06357daae8283653
SSDEEP

49152:35mGlO0aBsajwiCzLaeG862uwnYn9fRLdrAoVMkTEHMUHqyuWoG:0G8/Bspp/p+3rjspTj

Score

8^/10

Malware Config

Targets

- Target
  
  af97fde8931fbbcf9effb00c7987927416dacfc74bbac77eba6199b5d7dbfd1e
- Size
  
  2.5MB
- MD5
  
  0119f6316586f89f83c24254c6927dd9
- SHA1
  
  eb462b622d6038638889154839238105a17f508b
- SHA256
  
  af97fde8931fbbcf9effb00c7987927416dacfc74bbac77eba6199b5d7dbfd1e
- SHA512
  
  f864b04c6906abd03db89d85d9fde4cf7a35078fac9dbc51ba2285adc8bbc4e5d46cb351b4d6ad59bf04949ec851571f655a09fb2322709c06357daae8283653
- SSDEEP
  
  49152:35mGlO0aBsajwiCzLaeG862uwnYn9fRLdrAoVMkTEHMUHqyuWoG:0G8/Bspp/p+3rjspTj
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2