e1658d982758514877f382b0c5cfda1ce99720bd7aa707f36325981fe0a5a964 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

svchost.exe
Size

3.0MB
Sample

230612-jtg9nsba57
MD5

55363bf4d7dfa391a4ec21afea3187f3
SHA1

37672a1d5150648ab7651b9290ebd68a68ef36ce
SHA256

e1658d982758514877f382b0c5cfda1ce99720bd7aa707f36325981fe0a5a964
SHA512

6190a784cfd1049b4854e9e87be47f134f7f5970100682fc2dd9064a1c1cd07d59f9ea4bb9dfc31dc58ee57fbb59c346168295fae7094bac8a80965495a13578
SSDEEP

98304:8LfED1YNQ33vYz7KMelfsLdSFvfSKLHT:8Iks

Score

7^/10

Malware Config

Targets

- Target
  
  svchost.exe
- Size
  
  3.0MB
- MD5
  
  55363bf4d7dfa391a4ec21afea3187f3
- SHA1
  
  37672a1d5150648ab7651b9290ebd68a68ef36ce
- SHA256
  
  e1658d982758514877f382b0c5cfda1ce99720bd7aa707f36325981fe0a5a964
- SHA512
  
  6190a784cfd1049b4854e9e87be47f134f7f5970100682fc2dd9064a1c1cd07d59f9ea4bb9dfc31dc58ee57fbb59c346168295fae7094bac8a80965495a13578
- SSDEEP
  
  98304:8LfED1YNQ33vYz7KMelfsLdSFvfSKLHT:8Iks
Score

7^/10
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2