741eed8074530c499fdc24c23ced7a7ed0f300430e00421fe0f9a37cdb52def3 | Triage

Sharing

General

Target

741eed8074530c499fdc24c23ced7a7ed0f300430e00421fe0f9a37cdb52def3
Size

295KB
Sample

230412-e1zp3sbd4t
MD5

2bb79ccb8b0c1d91b32f355ac9bbaaa1
SHA1

32a07a3be2700918f585157af2dcbb5075b7f437
SHA256

741eed8074530c499fdc24c23ced7a7ed0f300430e00421fe0f9a37cdb52def3
SHA512

ef776a6ae8e3511e51fadc1127457d8940d661b34ff5088c324237b05688dbd256a9cd0721c5c7ae04e4bad0864e566872dfff573d868adf5e13d566fd0e1105
SSDEEP

6144:6prW2JK/lcRhIzeDtooM9sPKqFIP2+jquE7dn:6p628+RizeDkqFIDSp

Score

8^/10

Malware Config

Targets

- Target
  
  741eed8074530c499fdc24c23ced7a7ed0f300430e00421fe0f9a37cdb52def3
- Size
  
  295KB
- MD5
  
  2bb79ccb8b0c1d91b32f355ac9bbaaa1
- SHA1
  
  32a07a3be2700918f585157af2dcbb5075b7f437
- SHA256
  
  741eed8074530c499fdc24c23ced7a7ed0f300430e00421fe0f9a37cdb52def3
- SHA512
  
  ef776a6ae8e3511e51fadc1127457d8940d661b34ff5088c324237b05688dbd256a9cd0721c5c7ae04e4bad0864e566872dfff573d868adf5e13d566fd0e1105
- SSDEEP
  
  6144:6prW2JK/lcRhIzeDtooM9sPKqFIP2+jquE7dn:6p628+RizeDkqFIDSp
Score

8^/10
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2