aa6d296e8e563c9e76e0a81385f569f4c569918c454aa73875a33dc9a75d57c6 | Triage

Sharing

General

Target

aa6d296e8e563c9e76e0a81385f569f4c569918c454aa73875a33dc9a75d57c6
Size

3.5MB
Sample

221104-mdme8secb4
MD5

9a0572cc6e5bf3e93d8ba2c194101552
SHA1

0f943d6a59ee68a7371d54d20d1a3b66651c8c40
SHA256

aa6d296e8e563c9e76e0a81385f569f4c569918c454aa73875a33dc9a75d57c6
SHA512

bc877069b9c6647d375dbb20b089411d1964cc2a93964ba7cf7a28f52b7b1102b138ce06ef9981f90d8ea6f59727b8bceee86d821b30de8e668fd8a6649fa0a0
SSDEEP

98304:9jntc+yqf+U5nQPzkFMcsIrXmVLC+k3F1OT0f5lr05neLt/:xxNQPzkFn7LmVW+k1YT0f5lr0mh

Score

5^/10

Malware Config

Targets

- Target
  
  TdxW_zyb7.61普行补丁.exe
- Size
  
  4.0MB
- MD5
  
  efcfdd8ed73dd46843c230ad19f690dc
- SHA1
  
  dfd505391cf2cb9d45dd7533cac598f034072b3a
- SHA256
  
  587d84105efad48efb69b0d1912374f4f699a1cce51c8acae11b56002649661f
- SHA512
  
  258150af5b5506d67365d9c086a89bb70c6ddef8f7d09c73b3c08b609544bcee6af37e467d9cf9cd83bc08660ca9987205ab91bbf16426add3898075bc566c40
- SSDEEP
  
  98304:IXyRcvjbVpdFFtdEswp+kw2qCbMBFM8CgPqza:ICRKPC+EMxSza
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2