General

  • Target

    678bf335baac4f9eedeb57b1e460ad7ea87406f8650f6cdee8c2a6e2d27a6170

  • Size

    372KB

  • Sample

    221120-sxmg8sdh5x

  • MD5

    2d8b464d4f3c82387d7cf2c97c4ef845

  • SHA1

    d3e39c6be314d52a968fea4f02afbda427790594

  • SHA256

    678bf335baac4f9eedeb57b1e460ad7ea87406f8650f6cdee8c2a6e2d27a6170

  • SHA512

    30743b9003723b8900707b44ba08ef9cfaa9f7b1b8466fede3df29a390a72af724d5754111cb1028f28c2b63b60274416b05dbeca21b2515256188422c29e035

  • SSDEEP

    6144:xI5xEJ+3Y+FGEI5RGbcuzWJny60JaqLE9kyirrNsSm+jjemyFlST:G520ZtInGbfonyTAqA9wrrNVmTzfW

Targets

    • Target

      678bf335baac4f9eedeb57b1e460ad7ea87406f8650f6cdee8c2a6e2d27a6170

    • Adds Run key to start application

    • Detected potential entity reuse from brand microsoft.

    • Suspicious use of SetThreadContext
