e25a1050eba1d2800e12178ec056082cb84e4825dfab58c3a44a173b6f9c1792 | Triage

Sharing

General

Target

e25a1050eba1d2800e12178ec056082cb84e4825dfab58c3a44a173b6f9c1792
Size

4.7MB
Sample

230315-2sxbbafg36
MD5

e51f56cff8d20eabff2f5097e89617f0
SHA1

bb44250f7c7b658e0b004d1a50e8311401047f74
SHA256

e25a1050eba1d2800e12178ec056082cb84e4825dfab58c3a44a173b6f9c1792
SHA512

a8db7f2e6ded80f4052d91083ff3ba5bb26af14cea16378cb840924792be42628b1770f0c977530383c8929c5fadb47c40a557012fb2aeeae53384f8c50ea7b3
SSDEEP

98304:XrNDnifgPgjhcObmRCevTu6QDiU98WJONhZ9gsb0jJu/2vJYL4oo2:XFBMuOCTpDLaqiRYLv

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e25a1050eba1d2800e12178ec056082cb84e4825dfab58c3a44a173b6f9c1792
- Size
  
  4.7MB
- MD5
  
  e51f56cff8d20eabff2f5097e89617f0
- SHA1
  
  bb44250f7c7b658e0b004d1a50e8311401047f74
- SHA256
  
  e25a1050eba1d2800e12178ec056082cb84e4825dfab58c3a44a173b6f9c1792
- SHA512
  
  a8db7f2e6ded80f4052d91083ff3ba5bb26af14cea16378cb840924792be42628b1770f0c977530383c8929c5fadb47c40a557012fb2aeeae53384f8c50ea7b3
- SSDEEP
  
  98304:XrNDnifgPgjhcObmRCevTu6QDiU98WJONhZ9gsb0jJu/2vJYL4oo2:XFBMuOCTpDLaqiRYLv
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2