f1636b42450bbec6f91c099825477a0808dd2f9b86def6f3e11610b3fd7ea4e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1636b42450bbec6f91c099825477a0808dd2f9b86def6f3e11610b3fd7ea4e0
Size

4.2MB
Sample

230305-fgtv6afb6z
MD5

7ac332f16634fcee99672af0867d872f
SHA1

2aefd28de39e62a0f37c4119cc7a3155581fc2ae
SHA256

f1636b42450bbec6f91c099825477a0808dd2f9b86def6f3e11610b3fd7ea4e0
SHA512

5be5d4bf5a6ed2c117294f6e28a5f56301257a39407795834831223db9bb95c0e496dcacc14d4968c597679771f2eab1c12416c0e2e931354ea7995dd8e49e32
SSDEEP

49152:/x28PbFFbDmcVY9yIsI/qaQjI6DpiRp5ZtCaMRka7eQxh+KDQy8YTc7cN6oe4C87:cutKcm9yB4iIEiB2+a7eUku7

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f1636b42450bbec6f91c099825477a0808dd2f9b86def6f3e11610b3fd7ea4e0
- Size
  
  4.2MB
- MD5
  
  7ac332f16634fcee99672af0867d872f
- SHA1
  
  2aefd28de39e62a0f37c4119cc7a3155581fc2ae
- SHA256
  
  f1636b42450bbec6f91c099825477a0808dd2f9b86def6f3e11610b3fd7ea4e0
- SHA512
  
  5be5d4bf5a6ed2c117294f6e28a5f56301257a39407795834831223db9bb95c0e496dcacc14d4968c597679771f2eab1c12416c0e2e931354ea7995dd8e49e32
- SSDEEP
  
  49152:/x28PbFFbDmcVY9yIsI/qaQjI6DpiRp5ZtCaMRka7eQxh+KDQy8YTc7cN6oe4C87:cutKcm9yB4iIEiB2+a7eUku7
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2