d14fd7f28b6b02224fed34d96a94c11952a18f8cbcbd2ae7f4df483dee2cb3de | Triage

Submit
Reports

Overview

overview

Static

static

1

000299288171.exe

windows7-x64

7

000299288171.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

000299288171.exe
Size

1.0MB
Sample

231011-xrhz3shc44
MD5

5b7bc70c7f80f99d18b088e63e695d1f
SHA1

0d2ba9af627b20c8691e815253cff174cc8f6c66
SHA256

d14fd7f28b6b02224fed34d96a94c11952a18f8cbcbd2ae7f4df483dee2cb3de
SHA512

f3eb32fa253d0ec14113d21a27e1886e28499751cc283c62258762c8a4ed7868ca001c6e5d652e41ce2e37d120075c9d55823fbf083824bf7e1ead889fae2643
SSDEEP

24576:rSB7yFISxUyL61sOPijEuplGRQjrlPB7Lw9IOiMpEOtoYIHXZVbFmuseSN:ezMLwsbjfGRerlm9IOiWEOGnrRtNw

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

000299288171.exe

Resource

win7-20230831-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

000299288171.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
mail.etasimali.com
Port:
587
Username:
[email protected]
Password:
RECRUTEMENT@2023

Targets

- Target
  
  000299288171.exe
- Size
  
  1.0MB
- MD5
  
  5b7bc70c7f80f99d18b088e63e695d1f
- SHA1
  
  0d2ba9af627b20c8691e815253cff174cc8f6c66
- SHA256
  
  d14fd7f28b6b02224fed34d96a94c11952a18f8cbcbd2ae7f4df483dee2cb3de
- SHA512
  
  f3eb32fa253d0ec14113d21a27e1886e28499751cc283c62258762c8a4ed7868ca001c6e5d652e41ce2e37d120075c9d55823fbf083824bf7e1ead889fae2643
- SSDEEP
  
  24576:rSB7yFISxUyL61sOPijEuplGRQjrlPB7Lw9IOiMpEOtoYIHXZVbFmuseSN:ezMLwsbjfGRerlm9IOiWEOGnrRtNw
Score

10^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy