5c50b7e005524ede0a2c636b92a0933bc631c783bb8201e98dbdc52c390cd566 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Tedy.209781.20731.20605.exe
Size

715KB
Sample

220923-kqfr4shffq
MD5

03b6926e5b0a6741928728108c91c8cb
SHA1

184add223e296adad77fbb52c800ce6a75516ecd
SHA256

5c50b7e005524ede0a2c636b92a0933bc631c783bb8201e98dbdc52c390cd566
SHA512

825282ec61f3fce7a878e07f276482aca615f46f9616e07e5817711bc86ee09bdd59b180ca9606b2ca89660c7e3a23b023e1213dd7d606e43147122a0d317cce
SSDEEP

12288:9zR0GNejXOxLzY8SWaAvbtCA2GueuRFQBEoeFQl+MinGO8gKcc34fIGusTZFSZty:1RejXALTmAv0A2GSTQBEorOBKx4fIGHv

Score

10^/10

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.office365.com
Port:
587
Username:
[email protected]
Password:
Treasure@55

Targets

- Target
  
  SecuriteInfo.com.Variant.Tedy.209781.20731.20605.exe
- Size
  
  715KB
- MD5
  
  03b6926e5b0a6741928728108c91c8cb
- SHA1
  
  184add223e296adad77fbb52c800ce6a75516ecd
- SHA256
  
  5c50b7e005524ede0a2c636b92a0933bc631c783bb8201e98dbdc52c390cd566
- SHA512
  
  825282ec61f3fce7a878e07f276482aca615f46f9616e07e5817711bc86ee09bdd59b180ca9606b2ca89660c7e3a23b023e1213dd7d606e43147122a0d317cce
- SSDEEP
  
  12288:9zR0GNejXOxLzY8SWaAvbtCA2GueuRFQBEoeFQl+MinGO8gKcc34fIGusTZFSZty:1RejXALTmAv0A2GSTQBEorOBKx4fIGHv
Score

10^/10
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2