5c443e60a53a7d23095ef1a6c5454fc3d70130046b94c2540cf281a4ec58e1d3 | Triage

Submit
Reports

Overview

overview

6

Static

static

5

5c443e60a5...d3.exe

windows7-x64

6

5c443e60a5...d3.exe

windows10-2004-x64

6

Sharing

General

Target

5c443e60a53a7d23095ef1a6c5454fc3d70130046b94c2540cf281a4ec58e1d3
Size

3.7MB
Sample

221128-fv9tjacg6s
MD5

70159b4ce9c6c87eeaea49a4fc67dffd
SHA1

5cd1e24cc5cb7c3615b6ad3f4a6355da0d55dcfd
SHA256

5c443e60a53a7d23095ef1a6c5454fc3d70130046b94c2540cf281a4ec58e1d3
SHA512

ce3ff429fe16b4e756a4ef1673efd7f72576fbffb199637feee226173e9884a908f8db0dd63ebac92db4124bfbae6cd671ed0ec4899e67924528dec22011ff41
SSDEEP

98304:ng56cx14Fyc6rEC/dtw4cfD88rdArHDn0H/446:g5j14FKw663fvqrHqH6

Score

6^/10

collection persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5c443e60a53a7d23095ef1a6c5454fc3d70130046b94c2540cf281a4ec58e1d3.exe

Resource

win7-20221111-en

collection persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

5c443e60a53a7d23095ef1a6c5454fc3d70130046b94c2540cf281a4ec58e1d3.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  5c443e60a53a7d23095ef1a6c5454fc3d70130046b94c2540cf281a4ec58e1d3
- Size
  
  3.7MB
- MD5
  
  70159b4ce9c6c87eeaea49a4fc67dffd
- SHA1
  
  5cd1e24cc5cb7c3615b6ad3f4a6355da0d55dcfd
- SHA256
  
  5c443e60a53a7d23095ef1a6c5454fc3d70130046b94c2540cf281a4ec58e1d3
- SHA512
  
  ce3ff429fe16b4e756a4ef1673efd7f72576fbffb199637feee226173e9884a908f8db0dd63ebac92db4124bfbae6cd671ed0ec4899e67924528dec22011ff41
- SSDEEP
  
  98304:ng56cx14Fyc6rEC/dtw4cfD88rdArHDn0H/446:g5j14FKw663fvqrHqH6
Score

6^/10

collection persistence
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

collectionpersistence

behavioral2

© 2018-2024

Terms | Privacy