b3fd47ea2c655fd91282c2c8d2e72fe5b7e51df266465a4fd6aa01602935dd88 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3fd47ea2c655fd91282c2c8d2e72fe5b7e51df266465a4fd6aa01602935dd88
Size

4.2MB
Sample

230304-31stjaef3z
MD5

70ef9f05297689c83e18ff64f91e9a0a
SHA1

41048212e1e5217b3c27da098400fc66fa8bfc46
SHA256

b3fd47ea2c655fd91282c2c8d2e72fe5b7e51df266465a4fd6aa01602935dd88
SHA512

85c4e6a2e2d61bdd3e1c16b11e789d02170331931ed0a1bc441b773143c4dbb64d8aa2610a8b5e8584f4458651d04228792bfe0f7e5942468fb4c245a6484b1f
SSDEEP

49152:+x28PbFFbDmcVY9yIsI/qaQjI6DpiRp5ZtCaMRka7eQxh+KDQy8YTc7cN6oe4C8i:zutKcm9yB4iIEiB2+a7eUkui

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b3fd47ea2c655fd91282c2c8d2e72fe5b7e51df266465a4fd6aa01602935dd88
- Size
  
  4.2MB
- MD5
  
  70ef9f05297689c83e18ff64f91e9a0a
- SHA1
  
  41048212e1e5217b3c27da098400fc66fa8bfc46
- SHA256
  
  b3fd47ea2c655fd91282c2c8d2e72fe5b7e51df266465a4fd6aa01602935dd88
- SHA512
  
  85c4e6a2e2d61bdd3e1c16b11e789d02170331931ed0a1bc441b773143c4dbb64d8aa2610a8b5e8584f4458651d04228792bfe0f7e5942468fb4c245a6484b1f
- SSDEEP
  
  49152:+x28PbFFbDmcVY9yIsI/qaQjI6DpiRp5ZtCaMRka7eQxh+KDQy8YTc7cN6oe4C8i:zutKcm9yB4iIEiB2+a7eUkui
Score

7^/10

discovery
- Executes dropped EXE
- Modifies file permissions
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1