General

  • Target

    12b8b5bfde4092b4248accc682098222420ee6a0b6dfe89eb268f7fcf8cf00fb

  • Size

    1017KB

  • Sample

    221124-xstg7sgc8t

  • MD5

    1bd9fb4ade498938e6432d6c5d1e23a5

  • SHA1

    909ecec41f837a402ee4ef43d8b9f6b06a5a8aaf

  • SHA256

    12b8b5bfde4092b4248accc682098222420ee6a0b6dfe89eb268f7fcf8cf00fb

  • SHA512

    ea02ab5ec0bdeaba4e897e5e1e50ccf27ab392ac859348cdf1caaaf90c7c10f1e99cdd01317f36479cb600b9fe2189f34b59afc822071ec4c7ea989f8f99cda5

Score
8/10

Malware Config

Targets

  • Blocklisted process makes network request

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation