8afeb4b94e131c26a855acad0c39b03916c251242ac92bb82c4b5d93f2f6ffb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8afeb4b94e131c26a855acad0c39b03916c251242ac92bb82c4b5d93f2f6ffb5
Size

115KB
Sample

221011-h41nbscaal
MD5

78aa50f7dd27ee400b6edd9798174d59
SHA1

8ceb63bd8584b1fc113d0240bf5eb71acc1d587c
SHA256

8afeb4b94e131c26a855acad0c39b03916c251242ac92bb82c4b5d93f2f6ffb5
SHA512

0156347fdeb8abb5dec883e8ef9b54d943d7347948a510a666c204291517f8bcc651f0e14f403e6e07f133f1c70cd4a36e06dc2a7b61ca6be77ae622904b9e42
SSDEEP

3072:CBGAgBAUaV4x2di0pXDq3ExPPGy0MLeYoriJ:07lUaK2dDzq0x3GyRe

Score

8^/10

Malware Config

Targets

- Target
  
  8afeb4b94e131c26a855acad0c39b03916c251242ac92bb82c4b5d93f2f6ffb5
- Size
  
  115KB
- MD5
  
  78aa50f7dd27ee400b6edd9798174d59
- SHA1
  
  8ceb63bd8584b1fc113d0240bf5eb71acc1d587c
- SHA256
  
  8afeb4b94e131c26a855acad0c39b03916c251242ac92bb82c4b5d93f2f6ffb5
- SHA512
  
  0156347fdeb8abb5dec883e8ef9b54d943d7347948a510a666c204291517f8bcc651f0e14f403e6e07f133f1c70cd4a36e06dc2a7b61ca6be77ae622904b9e42
- SSDEEP
  
  3072:CBGAgBAUaV4x2di0pXDq3ExPPGy0MLeYoriJ:07lUaK2dDzq0x3GyRe
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2