General

  • Target: RFQ#OOCH20240429 JNJ TOTAL MARINE KOREA.tbz

  • Size: 820KB

  • Sample: 240430-jcgxksfh4x

  • MD5: 58f7fc23f807875121e893006e9326b7

  • SHA1: e43c48dc2ce0309a797289a9a3b90666e6449381

  • SHA256: 82986fac746210902bc0f5ab1b54e31ce3c074ecf0fa5a5a5285ce5fac7fa5b0

  • SHA512: cc67f45b69a0c2b8293dd4ce66396cf10b3a2dbb02aa9ccfbb4073c0db5a6960e7ce730553b24c2230004d729ec813da99f1c8a00ee2ee316a3bc732fe164384

  • SSDEEP: 12288:8icarC/Qms8sowgIHC3aJ1ru+G32i+TK/9RUoacn6Wv+ouwN3+aJPEnk8fKJJ01m:RrPnomot32Z8n3vf3rJPEnko4gBStICN

Score: 5/10

Malware Config

Targets

    • Target: RFQ#OOCH20240429 JNJ TOTAL MARINE KOREA.scr

    • Size: 888KB

    • MD5: f186864477a4680a6014f1041b7daafc

    • SHA1: 97bfb1035009bd987eb71e351995e5d32c830dfd

    • SHA256: 9f17e3a7cb7c6daefe54c609254afc31acc47daf5f3b00ef63260bb2e2d38efc

    • SHA512: 8341e09f4f285e1a00a2b0e71309572ba6646ead7f1e4b426f8bab2fa0017f28c0e6c013ed2abc5f58f6096d91326da0eb02c5caba768f589aa730bff9d2ca76

    • SSDEEP: 12288:FX2Wlr2gmDmoV6vRYcUeTZCEM1+Kx1kjcAs1JW/KRd23yKVCWZXn:FX1l6nD+RrfTZC1scAFSHmPXn

    Score: 5/10

    • Detected potential entity reuse from brand microsoft.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks