e4999f7382159e8c373bc822e4b58d85ffebf7c52caab037830318cd6f903428 | Triage

Sharing

General

Target

e4999f7382159e8c373bc822e4b58d85ffebf7c52caab037830318cd6f903428
Size

102KB
Sample

221204-qqg8tscg54
MD5

02c3bb840cc623c877cb80cb36655809
SHA1

95a21efa21f57dc8f35dceb539077469b146c33d
SHA256

e4999f7382159e8c373bc822e4b58d85ffebf7c52caab037830318cd6f903428
SHA512

99e9b2da8d7dfd06eb4436cf925f70976e059156e25957a64ba07ccfbb148458b73fee01b441140646b992691797ab5426dff04b011ff8d7cd16eb24ec65e18b
SSDEEP

3072:5OiO3VRXCPM7NqMgzGX7kkIog9oCmRCczLsJuSDz:8VVRyk7NlgzGLkkJi50S/

Score

7^/10

Malware Config

Targets

- Target
  
  e4999f7382159e8c373bc822e4b58d85ffebf7c52caab037830318cd6f903428
- Size
  
  102KB
- MD5
  
  02c3bb840cc623c877cb80cb36655809
- SHA1
  
  95a21efa21f57dc8f35dceb539077469b146c33d
- SHA256
  
  e4999f7382159e8c373bc822e4b58d85ffebf7c52caab037830318cd6f903428
- SHA512
  
  99e9b2da8d7dfd06eb4436cf925f70976e059156e25957a64ba07ccfbb148458b73fee01b441140646b992691797ab5426dff04b011ff8d7cd16eb24ec65e18b
- SSDEEP
  
  3072:5OiO3VRXCPM7NqMgzGX7kkIog9oCmRCczLsJuSDz:8VVRyk7NlgzGLkkJi50S/
Score

7^/10
- Uses the VBS compiler for execution
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2