d911e065b08602864bff2e45b714ff89d293a85d36aacc35979b5771999025aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d911e065b08602864bff2e45b714ff89d293a85d36aacc35979b5771999025aa
Size

4.2MB
Sample

230304-yrc99seb3w
MD5

5b3ece16b03dc1d46acfb9fe7771b642
SHA1

4ab4cb84421f9caaf97f3130f850aeae6b3a74a0
SHA256

d911e065b08602864bff2e45b714ff89d293a85d36aacc35979b5771999025aa
SHA512

19f6e2bc0c20d1e9d5d5ba21fb13b8d86549eaf99fc53ce88bdb8226f6a98f72c331cf2698082bdc6e437f5b1150df6a6a4769f6b08592d3e74de98f4313f60a
SSDEEP

49152:HZx28PbFFbDmcVY9yIsI/qaQjI6DpiRp5ZtCaMRka7eQxh+KDQy8YTc7cN6oe4CY:HGutKcm9yB4iIEiB2+a7eUkub

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d911e065b08602864bff2e45b714ff89d293a85d36aacc35979b5771999025aa
- Size
  
  4.2MB
- MD5
  
  5b3ece16b03dc1d46acfb9fe7771b642
- SHA1
  
  4ab4cb84421f9caaf97f3130f850aeae6b3a74a0
- SHA256
  
  d911e065b08602864bff2e45b714ff89d293a85d36aacc35979b5771999025aa
- SHA512
  
  19f6e2bc0c20d1e9d5d5ba21fb13b8d86549eaf99fc53ce88bdb8226f6a98f72c331cf2698082bdc6e437f5b1150df6a6a4769f6b08592d3e74de98f4313f60a
- SSDEEP
  
  49152:HZx28PbFFbDmcVY9yIsI/qaQjI6DpiRp5ZtCaMRka7eQxh+KDQy8YTc7cN6oe4CY:HGutKcm9yB4iIEiB2+a7eUkub
Score

7^/10

discovery
- Executes dropped EXE
- Modifies file permissions
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1