752b21ce0ebfdc831bc7348db4fdc8a8e15bd67ffb1ed3b60332513a35bb27aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RFQ-25251.scr.exe
Size

765KB
Sample

240514-mq534scf86
MD5

46c4b29ec6111cebfa1bbd60074c3103
SHA1

fb6d55a4b03b0a0be4fa8ec340e1ddfb2e9d813d
SHA256

752b21ce0ebfdc831bc7348db4fdc8a8e15bd67ffb1ed3b60332513a35bb27aa
SHA512

43d6c22800610e48df9c6f03f0a91f2f9f155d707c88509c404ad5619e2be5793fa98f2362c531cdfe655e7c1ddc0d010f067c812d8fff6f9b746e45c3dc30ec
SSDEEP

12288:wReLAfP7wDbLjy+1ayaK4vnirspoK/PmaBnYakJcZg3zPSIfF7We43V+k4o+EsJa:C537wDv++UyN4PiruoOrfkJcZgD37T4Z

Score

5^/10

Malware Config

Targets

- Target
  
  RFQ-25251.scr.exe
- Size
  
  765KB
- MD5
  
  46c4b29ec6111cebfa1bbd60074c3103
- SHA1
  
  fb6d55a4b03b0a0be4fa8ec340e1ddfb2e9d813d
- SHA256
  
  752b21ce0ebfdc831bc7348db4fdc8a8e15bd67ffb1ed3b60332513a35bb27aa
- SHA512
  
  43d6c22800610e48df9c6f03f0a91f2f9f155d707c88509c404ad5619e2be5793fa98f2362c531cdfe655e7c1ddc0d010f067c812d8fff6f9b746e45c3dc30ec
- SSDEEP
  
  12288:wReLAfP7wDbLjy+1ayaK4vnirspoK/PmaBnYakJcZg3zPSIfF7We43V+k4o+EsJa:C537wDv++UyN4PiruoOrfkJcZgD37T4Z
Score

5^/10
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2