4abff971e60411f27a710076419f009628a2c8c597452ee997f3b1bd1256ab23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

IMG-20230529-WA0004470000000000000000002023.gz
Size

1.6MB
Sample

230530-rlrgdaad2x
MD5

ba4071a5c841bbed385654b8ac496d75
SHA1

544c4d9d6a8c5e9ba1789e79ad04e34517a476b5
SHA256

4abff971e60411f27a710076419f009628a2c8c597452ee997f3b1bd1256ab23
SHA512

9d8025edf8b67c0faf175965448eb1588d102aabdbb1a889070bd1a1307bddfc841656a6dc5cf6c889f8dc061ceb07d0e4013829eed4108ee7da39387ea3e33a
SSDEEP

49152://aYhuH+MEScEBy9w1EFAt0LnNj+0CZNfF:/PzM1DBy9dAtuns0E9

Score

7^/10

Malware Config

Targets

- Target
  
  IMG-20230529-WA0004470000000000000000002023.exe
- Size
  
  2.0MB
- MD5
  
  af91ceb7e9bbc663040c17e5459cc41a
- SHA1
  
  2ae9582c46299bffd4a4c1a09af4265543bcedb6
- SHA256
  
  4a26b1d03db10e6808ac8d4337a4c88c448b87432e2d1c593a647ec103ec4a2c
- SHA512
  
  2496d54a6f671afd999161f5a45c9809171cdad9af5620ea79d4455f57e6abb20ebc87237fd5746ff9f77b1bac82e6db799a0ee23beb46f04ea6c470d54b7dc8
- SSDEEP
  
  24576:UQunmNyoIJV6Q8ISJ28zcRBcG+r8h1tuXwNp3La5cLyH7r0SkmNl7xmw:6noyoWrAnzcL+gh12wNQ57HESrU
Score

7^/10
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2