a648b562f726c81d76b83b6110eb52eb78a8e2f5fef0b3ac89d47ef0cafea414 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a648b562f726c81d76b83b6110eb52eb78a8e2f5fef0b3ac89d47ef0cafea414
Size

323KB
Sample

221101-eme4hsfgh2
MD5

28f0cefef0049544f77c467f1f860874
SHA1

d83f9ce8807b06a4c6368a52e2bf2e5c4ac259b0
SHA256

a648b562f726c81d76b83b6110eb52eb78a8e2f5fef0b3ac89d47ef0cafea414
SHA512

8c49b73d0b6f6bb978d49789afd14798ccf69031f94f94daf07f61441ce7600730350d4842e705fb17b61cf1df26a49b98fe34fc9c0f093efb04be39bcf727d3
SSDEEP

6144:eKlzr1sYCzek2ciDaP9Xk6Ln1W8W/9InBSkZZmLdGcAdgdY6RKpjS:eGhQ2ciDq9ZL1W8q9InBRqELdolRKpj

Score

8^/10

Malware Config

Targets

- Target
  
  a648b562f726c81d76b83b6110eb52eb78a8e2f5fef0b3ac89d47ef0cafea414
- Size
  
  323KB
- MD5
  
  28f0cefef0049544f77c467f1f860874
- SHA1
  
  d83f9ce8807b06a4c6368a52e2bf2e5c4ac259b0
- SHA256
  
  a648b562f726c81d76b83b6110eb52eb78a8e2f5fef0b3ac89d47ef0cafea414
- SHA512
  
  8c49b73d0b6f6bb978d49789afd14798ccf69031f94f94daf07f61441ce7600730350d4842e705fb17b61cf1df26a49b98fe34fc9c0f093efb04be39bcf727d3
- SSDEEP
  
  6144:eKlzr1sYCzek2ciDaP9Xk6Ln1W8W/9InBSkZZmLdGcAdgdY6RKpjS:eGhQ2ciDq9ZL1W8q9InBRqELdolRKpj
Score

8^/10
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1