617eb8fd49eb9249fac0985a70d28a639e2da4306b43ece3d253132753e6b207 | Triage

Sharing

General

Target

617eb8fd49eb9249fac0985a70d28a639e2da4306b43ece3d253132753e6b207
Size

910KB
Sample

221203-2llw1abh25
MD5

d00632c5fb5a80b955e3903721a62356
SHA1

b085642b1cc779ee89211d84be0c0c1d5d919ca7
SHA256

617eb8fd49eb9249fac0985a70d28a639e2da4306b43ece3d253132753e6b207
SHA512

9b2a1b29e050ca596d7fdcf21e4be24e7f8e23b933a20995905bd85ec482e47478c948d820dc9d32db63b0131346916d4cc8b2d32e9081cba038cf33583f294f
SSDEEP

12288:B80wOZQAsR9xGi3D0231Hz4M8dhdL3nr1qxLgmegUZbYkg586aWHff:S7Fb91adr1qJ0gUZYB5O8f

Score

8^/10

Malware Config

Targets

- Target
  
  617eb8fd49eb9249fac0985a70d28a639e2da4306b43ece3d253132753e6b207
- Size
  
  910KB
- MD5
  
  d00632c5fb5a80b955e3903721a62356
- SHA1
  
  b085642b1cc779ee89211d84be0c0c1d5d919ca7
- SHA256
  
  617eb8fd49eb9249fac0985a70d28a639e2da4306b43ece3d253132753e6b207
- SHA512
  
  9b2a1b29e050ca596d7fdcf21e4be24e7f8e23b933a20995905bd85ec482e47478c948d820dc9d32db63b0131346916d4cc8b2d32e9081cba038cf33583f294f
- SSDEEP
  
  12288:B80wOZQAsR9xGi3D0231Hz4M8dhdL3nr1qxLgmegUZbYkg586aWHff:S7Fb91adr1qJ0gUZYB5O8f
Score

8^/10
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2