0e61423ce0dd19b1902ffcbfa2f5362d2b309f357b703a67bbf5720311369042 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

589166_h9yxU4.zip
Size

21.5MB
Sample

240802-y1lb8stcnf
MD5

66f5817fb058c1f6e2b45afd7503dfbd
SHA1

2131be89c64d6453687b6b23294b58057b3d79a9
SHA256

0e61423ce0dd19b1902ffcbfa2f5362d2b309f357b703a67bbf5720311369042
SHA512

246eea6a849f5c71c39f141d9ec8eedf71bd90c747969b6afe8a3b151f5c880c8d4c55b3d9ee6f2f9e2fa1d9e9ae05026bd66923de956c04f1d5b7be9f4adb7e
SSDEEP

393216:DEcv9sEy0fYZ9yGfcMwFKYMPBd/yXUkdxMkQelfk:DLvyEgZ9ybMDpwUCNk

Score

5^/10

Malware Config

Targets

- Target
  
  589166_h9yxU4.exe
- Size
  
  21.5MB
- MD5
  
  6d2d57a760ae960af174cbfca8c99ddf
- SHA1
  
  2a5388d09927775b24ac1fe214390df41c2efa65
- SHA256
  
  745e59e0d47b2594c07886f755dd27801251c6f0a65ee4c5980173eaafe27785
- SHA512
  
  5d74aa3a78fed9c52be90e79bc3fdc958432f44771fc0ecf8496f3b3a674042c245bd90a6aea0306623c33aba029c7a36057228dfa7b9d55b3dcdcd28609347e
- SSDEEP
  
  393216:6Ecv9sEy0fYZ9yGfcMwFKYMPBd/yXUkdxMkQelf:6LvyEgZ9ybMDpwUCN
Score

5^/10
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2