23af16d3c63373e2e6789381782572f3b0d17fe7587f243a100c6123ea1e3020 | Triage

Sharing

General

Target

SecuriteInfocomVariantBar.exe
Size

7.3MB
Sample

230701-h98acsha7v
MD5

7f74098f87d5a070e59b03ca9b042fe8
SHA1

26b883eb1af62dcaf5c0d5c20ab0cd281309f04d
SHA256

23af16d3c63373e2e6789381782572f3b0d17fe7587f243a100c6123ea1e3020
SHA512

4da95808589307efe6e73ad4818b1a7c58549006df70427dbdd1f2ff8c739c482a75093815eee552f7d8bd40c24dc432ef8726ab44d194af7adccb258a82a41d
SSDEEP

196608:uJJwSGQtuwVvZnfEJuoblq82iYD4ehf31sD:xSTzo5q81ga

Score

10^/10

collection

Malware Config

Targets

- Target
  
  SecuriteInfocomVariantBar.exe
- Size
  
  7.3MB
- MD5
  
  7f74098f87d5a070e59b03ca9b042fe8
- SHA1
  
  26b883eb1af62dcaf5c0d5c20ab0cd281309f04d
- SHA256
  
  23af16d3c63373e2e6789381782572f3b0d17fe7587f243a100c6123ea1e3020
- SHA512
  
  4da95808589307efe6e73ad4818b1a7c58549006df70427dbdd1f2ff8c739c482a75093815eee552f7d8bd40c24dc432ef8726ab44d194af7adccb258a82a41d
- SSDEEP
  
  196608:uJJwSGQtuwVvZnfEJuoblq82iYD4ehf31sD:xSTzo5q81ga
Score

10^/10

collection
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2