1ee3b3d74a7b349cbd8c6e8c6c269f1680ed62997bc455f11f575ea3f8e889ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cliente.zip
Size

19.2MB
Sample

230207-cdbcvsha36
MD5

0556e50627259d2596982680f91388bf
SHA1

6763ff3ec641d04996e25487eaecc3f3063b67cc
SHA256

1ee3b3d74a7b349cbd8c6e8c6c269f1680ed62997bc455f11f575ea3f8e889ee
SHA512

2b12922c59b120a0eefe1731d03d4eb3f3a3ea21d6abcd6f357773dc81e6c8b17ac6a46073be597ef54d6560e6c3ae0c56cc50842eb7d029dcb7921300156941
SSDEEP

393216:P5EXwJbFtvUAcXxw7TY/Z8rfKzGRu/s4B4Vtl/xUzspvg7+TacOp:hEifvUfwwarfg/stVtfUgpa+G9

Score

5^/10

Malware Config

Targets

- Target
  
  g2m.dll
- Size
  
  1024.0MB
- MD5
  
  319f3dd4271bed531ded40acf1d6d149
- SHA1
  
  91d0d54f32a3f33741e226709fd69ac376861c77
- SHA256
  
  2ddf2fb4cee6c119fa1f18aaf4a55d4f8db449208201b03eb3f6f18a702af034
- SHA512
  
  3148fe604fa45e6e7dfb101ecbb39fb6d97ef2719bcbf876fd3e9d4c5254c9311d58f3cd92c363e421034ce01c89f0754f8df67effac4908a0089b667c19a798
- SSDEEP
  
  393216:3l13jFVFbHsrXLbIV1upZgPMTAb2w/IztVnPmXAB5gZM9KMy:3lBp/Hsrg+pZwb23ztNmQBMM4
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2