General

  • Target

    2A12326F3BC0714BF663D300D40816AF39E9707698056.exe

  • Size

    144KB

  • Sample

    221206-w52hxafc3x

  • MD5

    ce9e2ad824abec4012ffe21ea8b2f66d

  • SHA1

    fe617860049990a67b18950660e6276e3c7ee970

  • SHA256

    2a12326f3bc0714bf663d300d40816af39e9707698056d82f3b5a5046c304566

  • SHA512

    fbb16ebdd147f5f7e7937fe1d3bcc506914b7d742245a031d8831739608542df6415807b747aaab95a05cfc58724bec91b1f8720b0c2def5e66d3200cd16c74a

  • SSDEEP

    768:xnnhlLxfF9oifeLc6WDK+w0kabRAUn1vh+vPqVOz7T2QbYtm6uROAhr:nlb9oIKWDK+w0ZbRhn1vh+v/T3Y46uD

Score
10/10

Malware Config

Extracted

Family

erbium

C2

77.73.133.53

Targets

    • Target

      2A12326F3BC0714BF663D300D40816AF39E9707698056.exe

    • Erbium

      Erbium is an infostealer written in C++ and first seen in July 2022.

    • Uses the VBS compiler for execution

      This signature fires when a process starts the Visual Basic compiler (vbc.exe, a Microsoft-signed binary shipped with the .NET Framework); despite the "VBS" in the signature name it is the VB.NET compiler that is involved, not the VBScript engine (wscript.exe/cscript.exe), so hunt for vbc.exe as a child of an unknown executable. Compilers are not normally launched at run time by downloaded binaries, which makes that process tree a lead in its own right.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state, including its instruction pointer. Outside of debuggers it is mostly seen as the step in process hollowing where an injector points a suspended child's main thread at code it has written into that child before resuming it. Together with the vbc.exe launch above this is the usual hollowing footprint, although the report lists the two signatures separately and does not itself show which process was injected into.
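
The indicators above (file hashes and the extracted C2 address) and the two behavioural signatures translate into three checks a responder would run over endpoint telemetry. The following Python script, an added example that is not code from Tria.ge or from the Erbium sample, matches the report's hashes and C2 against constructed EDR-style events and implements the process-hollowing heuristic the signatures point at: a suspended CreateProcess* by a parent, followed by WriteProcessMemory, SetThreadContext and ResumeThread on that child, in order. The key=value event format, the log lines and the use of vbc.exe as the hollowed host are assumptions made for the example, not facts shown by the report.

```python
"""Match the report's indicators against EDR-style events and flag the
process-hollowing chain that the two behavioural signatures point at.

Added example for this page, not code from Tria.ge or from the Erbium
sample. Event lines are constructed; the key=value format is invented.
"""

# Indicators copied from the report. Hashes are compared case-insensitively.
IOC_HASHES = {
    "md5": "ce9e2ad824abec4012ffe21ea8b2f66d",
    "sha1": "fe617860049990a67b18950660e6276e3c7ee970",
    "sha256": "2a12326f3bc0714bf663d300d40816af39e9707698056d82f3b5a5046c304566",
}
IOC_C2 = {"77.73.133.53"}

# Classic hollowing chain after a suspended CreateProcess*: write the payload,
# point the main thread at it, let it run. Order matters for the heuristic.
HOLLOWING_SEQUENCE = ("WriteProcessMemory", "SetThreadContext", "ResumeThread")

# Constructed events (not from the report). vbc.exe as the hollowed host is
# an assumption based on the "VBS compiler" signature name.
SAMPLE_EVENTS = [
    "ts=1 type=process pid=1204 ppid=600 image=C:\\Users\\u\\Downloads\\2A12326F3BC0714BF663D300D40816AF39E9707698056.exe "
    "sha256=2A12326F3BC0714BF663D300D40816AF39E9707698056D82F3B5A5046C304566",
    "ts=2 type=api pid=1204 call=CreateProcessW child=1288 flags=CREATE_SUSPENDED "
    "target=C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe",
    "ts=3 type=api pid=1204 call=WriteProcessMemory child=1288",
    "ts=4 type=api pid=1204 call=SetThreadContext child=1288",
    "ts=5 type=api pid=1204 call=ResumeThread child=1288",
    "ts=6 type=network pid=1288 dst=77.73.133.53 dport=80",
    "ts=7 type=api pid=3300 call=SetThreadContext child=3301",  # debugger-like, no chain
    "ts=8 type=network pid=900 dst=93.184.216.34 dport=443",
]

INT_FIELDS = ("ts", "pid", "ppid", "child", "dport")


def parse_event(line):
    """Split a space-separated key=value line into a dict; numeric ids become int."""
    event = {}
    for token in line.split():
        key, _, value = token.partition("=")
        event[key] = int(value) if key in INT_FIELDS else value
    return event


def match_hashes(events):
    """Return (pid, algorithm) for every event carrying a known-bad hash."""
    hits = []
    for ev in events:
        for algo, bad in IOC_HASHES.items():
            if ev.get(algo, "").lower() == bad:
                hits.append((ev["pid"], algo))
    return hits


def match_c2(events):
    """Return pids of processes that connected to the extracted C2 address."""
    return [ev["pid"] for ev in events
            if ev.get("type") == "network" and ev.get("dst") in IOC_C2]


def detect_hollowing(events):
    """Return (parent_pid, child_pid, host_image) for each completed chain.

    A SetThreadContext on its own is not enough (debuggers do it); we require
    a suspended CreateProcess* by the same parent, then the full sequence on
    that child, in order.
    """
    pending = {}  # child pid -> state of the chain seen so far
    findings = []
    for ev in events:
        if ev.get("type") != "api":
            continue
        child = ev.get("child")
        call = ev.get("call", "")
        if call.startswith("CreateProcess") and "CREATE_SUSPENDED" in ev.get("flags", ""):
            pending[child] = {"parent": ev["pid"], "image": ev.get("target"), "step": 0}
            continue
        state = pending.get(child)
        if state is None or ev["pid"] != state["parent"]:
            continue
        if call == HOLLOWING_SEQUENCE[state["step"]]:
            state["step"] += 1
            if state["step"] == len(HOLLOWING_SEQUENCE):
                findings.append((state["parent"], child, state["image"]))
                del pending[child]
    return findings


def analyze(lines=SAMPLE_EVENTS):
    """Run all three checks over raw log lines and return one summary dict."""
    events = [parse_event(line) for line in lines]
    return {
        "hash_hits": match_hashes(events),
        "c2_hits": match_c2(events),
        "hollowing": detect_hollowing(events),
    }


if __name__ == "__main__":
    for name, result in analyze().items():
        print(f"{name}: {result}")
```

The hollowing check is deliberately stricter than the report's "suspicious use of SetThreadContext" signature: a lone SetThreadContext (event ts=7) produces no finding, and only the suspended-create / write / context / resume chain from the same parent does. When adapting this to real telemetry, the hash and C2 matches are the cheap, high-confidence checks; the hollowing chain is the one that will still catch the next sample after its hashes and C2 have changed.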

MITRE ATT&CK Enterprise v6

Tasks