36f828fc51e022714a6fd634e6b663919f332b67e9505ceb05d5c3b9398c6a00 | Triage

Sharing

General

Target

d27b20602db59697c20293d02aef1e433f98baf4
Size

1.2MB
Sample

230106-jfeavsfc65
MD5

9190513275b80db066cc1a2275c01af1
SHA1

d27b20602db59697c20293d02aef1e433f98baf4
SHA256

36f828fc51e022714a6fd634e6b663919f332b67e9505ceb05d5c3b9398c6a00
SHA512

c425f57e05af494687b7b7d81252a5345d61554860a41d398346b5ca31fa229003c3ff0d570749d2eec146f142e701725724e279110c77df52ae7b4e6524f2dc
SSDEEP

12288:3Cw0bu5zZm+Sxkxm/X7hddTg1k8WtEGPObozGVzrj2roUVxAvWkZxsqJyMkZ6yEe:3ClP78fLPTu69tCT/4jwCv

Score

7^/10

Malware Config

Targets

- Target
  
  d27b20602db59697c20293d02aef1e433f98baf4
- Size
  
  1.2MB
- MD5
  
  9190513275b80db066cc1a2275c01af1
- SHA1
  
  d27b20602db59697c20293d02aef1e433f98baf4
- SHA256
  
  36f828fc51e022714a6fd634e6b663919f332b67e9505ceb05d5c3b9398c6a00
- SHA512
  
  c425f57e05af494687b7b7d81252a5345d61554860a41d398346b5ca31fa229003c3ff0d570749d2eec146f142e701725724e279110c77df52ae7b4e6524f2dc
- SSDEEP
  
  12288:3Cw0bu5zZm+Sxkxm/X7hddTg1k8WtEGPObozGVzrj2roUVxAvWkZxsqJyMkZ6yEe:3ClP78fLPTu69tCT/4jwCv
Score

7^/10
- Loads dropped DLL
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2