5798aefb07e12a942672a60c2be101dc26b01485616713e8be1f68b321747f2f | Triage

Sharing

General

Target

5798aefb07e12a942672a60c2be101dc26b01485616713e8be1f68b321747f2f
Size

442KB
Sample

240225-jnh9safh3y
MD5

c02689449a4ce73ec79a52595ab590f6
SHA1

5908453afef391437c632ca0ce921dbf0c6e8bd5
SHA256

5798aefb07e12a942672a60c2be101dc26b01485616713e8be1f68b321747f2f
SHA512

86503802f69ab69ee18e5b8635ca9442867beed6b1547565bbc3bae12db51b7aa5ed1ed472a1c7278608a936747865f290297f78b729c249006ee6377cc86082
SSDEEP

6144:RlDoHtgdupnzKELHSM0zAAFFOQVJ3hAkToXTOnRnN/jxrUmNAXRDfSZ8cPiKqpr/:Uj87domKxSZ8LKqm31uQHTbJ/ERp4Q5D

Score

10^/10

Malware Config

Targets

- Target
  
  5798aefb07e12a942672a60c2be101dc26b01485616713e8be1f68b321747f2f
- Size
  
  442KB
- MD5
  
  c02689449a4ce73ec79a52595ab590f6
- SHA1
  
  5908453afef391437c632ca0ce921dbf0c6e8bd5
- SHA256
  
  5798aefb07e12a942672a60c2be101dc26b01485616713e8be1f68b321747f2f
- SHA512
  
  86503802f69ab69ee18e5b8635ca9442867beed6b1547565bbc3bae12db51b7aa5ed1ed472a1c7278608a936747865f290297f78b729c249006ee6377cc86082
- SSDEEP
  
  6144:RlDoHtgdupnzKELHSM0zAAFFOQVJ3hAkToXTOnRnN/jxrUmNAXRDfSZ8cPiKqpr/:Uj87domKxSZ8LKqm31uQHTbJ/ERp4Q5D
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2