2eef9643bc54d1fee904f2b42d573d0ae2661355fda2a54d59a4822ce2c15b7a | Triage

Sharing

General

Target

2eef9643bc54d1fee904f2b42d573d0ae2661355fda2a54d59a4822ce2c15b7a
Size

1.4MB
Sample

230106-rt744agh37
MD5

179b1644f655bdf905d9583f1008d832
SHA1

0f141fa176ea4c5430851964aec0f20880a3fc84
SHA256

2eef9643bc54d1fee904f2b42d573d0ae2661355fda2a54d59a4822ce2c15b7a
SHA512

7f7e5266f77ec551d59ae7f9a1a157abb688bbaada5b06ccb7805794aa0c40486fac18bfa8e231dc8556ad966f97157562d381ac533cf629fb3ce9e15541eb13
SSDEEP

24576:Ih7vPOKWY/KBfssEnBmyZNc2twn+217g3SOhTaqu5ZCIcSoTy0PYMa0EQdZwJENN:I93OKWfUq4Nc2Kn+210C3qu5ZCIcSoOE

Score

5^/10

Malware Config

Targets

- Target
  
  PO#00953.exe
- Size
  
  1.9MB
- MD5
  
  fb1b359d9411141b7f8be896f2a2f857
- SHA1
  
  533a486107a1ca769fe5f23b20388bc15c58842f
- SHA256
  
  53e712112f30e2b054c8b28b061d008a14dc76e8a016d201e90cacf932d81c47
- SHA512
  
  89122193d7430544fee7deac4215639fd4a3fa7cec823d513ff9f23780d02471465124a5e8ce4bd476f767445e9a1913204e3b0e76c43cfb9d92dd91d8864062
- SSDEEP
  
  49152:+kRaSmiKj+dKh+cGb9G/Zxa5EcGzsM1+pc/jXtUR:+kJmz+dKh+NmZWa1LK
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2