4f47d84b03f5cfa3845d1b36df5e40df984756fc6ba2d98586eb39dced212628 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f47d84b03f5cfa3845d1b36df5e40df984756fc6ba2d98586eb39dced212628
Size

3.3MB
Sample

240422-fstpjagc2s
MD5

b9882fe8bb7ab2a4d094f9ff5442df1c
SHA1

e17c146530a4371e0595c195c24863935a3dee8b
SHA256

4f47d84b03f5cfa3845d1b36df5e40df984756fc6ba2d98586eb39dced212628
SHA512

bee33d43deb43854975e6c7a57f27ab8c6519ea3e6df51297ca670ac62831f29f6a18eff0bb0af14f9e985ebf9e2169ed97582fa64998cfb33b1d8b61ec72db4
SSDEEP

49152:zUIbNigeVE2MD7ZDAgUf0dgF8bEOlf84L:JI3bg3J

Score

7^/10

Malware Config

Targets

- Target
  
  4f47d84b03f5cfa3845d1b36df5e40df984756fc6ba2d98586eb39dced212628
- Size
  
  3.3MB
- MD5
  
  b9882fe8bb7ab2a4d094f9ff5442df1c
- SHA1
  
  e17c146530a4371e0595c195c24863935a3dee8b
- SHA256
  
  4f47d84b03f5cfa3845d1b36df5e40df984756fc6ba2d98586eb39dced212628
- SHA512
  
  bee33d43deb43854975e6c7a57f27ab8c6519ea3e6df51297ca670ac62831f29f6a18eff0bb0af14f9e985ebf9e2169ed97582fa64998cfb33b1d8b61ec72db4
- SSDEEP
  
  49152:zUIbNigeVE2MD7ZDAgUf0dgF8bEOlf84L:JI3bg3J
Score

7^/10
- Drops startup file
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2