5c78c6a6f4bae252f879aacfc72a7553b944c25b19f825aabd298f0f6f9449bc | Triage

Submit
Reports

Overview

overview

6

Static

static

5

5c78c6a6f4...bc.exe

windows7-x64

6

5c78c6a6f4...bc.exe

windows10-2004-x64

6

Sharing

General

Target

5c78c6a6f4bae252f879aacfc72a7553b944c25b19f825aabd298f0f6f9449bc
Size

2.8MB
Sample

221123-m8bl8aga99
MD5

15533f632a10225b957064390e0af7a6
SHA1

977fd7dec32f28ebecc130cf5ec1651c93865509
SHA256

5c78c6a6f4bae252f879aacfc72a7553b944c25b19f825aabd298f0f6f9449bc
SHA512

331320f3eb5d1d9bc9d3d6eef512ceee324610eda097bd58b4fac4c9efc4f38831159efd7301bb1e40ce83285a25ffc69584d038722eae68053153f547f9d9c1
SSDEEP

49152:yVg5tQ7as2h5plLtBuX1+TjHoxvYhywseM+I956Piib+XMFDz/4NAXDK8RAvbJd0:8g56khtBuX14aqR/ltPtz/40DK1TTN6

Score

6^/10

collection persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5c78c6a6f4bae252f879aacfc72a7553b944c25b19f825aabd298f0f6f9449bc.exe

Resource

win7-20221111-en

collection persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

5c78c6a6f4bae252f879aacfc72a7553b944c25b19f825aabd298f0f6f9449bc.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  5c78c6a6f4bae252f879aacfc72a7553b944c25b19f825aabd298f0f6f9449bc
- Size
  
  2.8MB
- MD5
  
  15533f632a10225b957064390e0af7a6
- SHA1
  
  977fd7dec32f28ebecc130cf5ec1651c93865509
- SHA256
  
  5c78c6a6f4bae252f879aacfc72a7553b944c25b19f825aabd298f0f6f9449bc
- SHA512
  
  331320f3eb5d1d9bc9d3d6eef512ceee324610eda097bd58b4fac4c9efc4f38831159efd7301bb1e40ce83285a25ffc69584d038722eae68053153f547f9d9c1
- SSDEEP
  
  49152:yVg5tQ7as2h5plLtBuX1+TjHoxvYhywseM+I956Piib+XMFDz/4NAXDK8RAvbJd0:8g56khtBuX14aqR/ltPtz/40DK1TTN6
Score

6^/10

collection persistence
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectionpersistence

behavioral2

© 2018-2024

Terms | Privacy