ea475feb35e308b8e2ad0ee5b8f0ad9eb643294eacb4d7ce0892c81a1cc1b82c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea475feb35e308b8e2ad0ee5b8f0ad9eb643294eacb4d7ce0892c81a1cc1b82c
Size

321KB
Sample

221031-xetwtacgfn
MD5

0c8e95092be317261c9f6fd5775b2b45
SHA1

f1173afd6ce52a22ab51eab8ee6c189a646095d9
SHA256

ea475feb35e308b8e2ad0ee5b8f0ad9eb643294eacb4d7ce0892c81a1cc1b82c
SHA512

90fd7c226183f1d1036cfee292c36c04d57b31f1d46741d102158d84e1fef0214a4ef5e605f929a01f8fb337b9e544e540ba31db9f5a994a47522b51e9da258c
SSDEEP

6144:eKlzr1sYCzek2ciDaP9Xk6Ln1W8W/9InBSkZZmLdGcAdgdY6RKpjS:eGhQ2ciDq9ZL1W8q9InBRqELdolRKpj

Score

8^/10

Malware Config

Targets

- Target
  
  ea475feb35e308b8e2ad0ee5b8f0ad9eb643294eacb4d7ce0892c81a1cc1b82c
- Size
  
  321KB
- MD5
  
  0c8e95092be317261c9f6fd5775b2b45
- SHA1
  
  f1173afd6ce52a22ab51eab8ee6c189a646095d9
- SHA256
  
  ea475feb35e308b8e2ad0ee5b8f0ad9eb643294eacb4d7ce0892c81a1cc1b82c
- SHA512
  
  90fd7c226183f1d1036cfee292c36c04d57b31f1d46741d102158d84e1fef0214a4ef5e605f929a01f8fb337b9e544e540ba31db9f5a994a47522b51e9da258c
- SSDEEP
  
  6144:eKlzr1sYCzek2ciDaP9Xk6Ln1W8W/9InBSkZZmLdGcAdgdY6RKpjS:eGhQ2ciDq9ZL1W8q9InBRqELdolRKpj
Score

8^/10
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1