c79e95b78900ab010b1304d3054f84ab2bb5e2e9d3b1e760063dc668e311c2a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmpk39_z90w
Size

1.2MB
Sample

240808-1dmmwstfmg
MD5

7c4d4eab0d344f857aedc257e94fa0bd
SHA1

c895b297e710b3782cd3577b7c1e508e8f7509cd
SHA256

c79e95b78900ab010b1304d3054f84ab2bb5e2e9d3b1e760063dc668e311c2a4
SHA512

01cfb4a837f3cf1197a6a8ebccfe8b42db04581090e8f29747456daed16ac67a6b4372bd4bcdda1e7c38ec348105fee9a613b33ee53dbee7ce3cfa5adb8af0d8
SSDEEP

12288:75RZq4V3xwt867Dvq/XWBTmMVCnJNFAlGvGHcgFknHteA9j:xV3uL7DvaGmM2pi18LnIA5

Score

7^/10

Malware Config

Targets

- Target
  
  tmpk39_z90w
- Size
  
  1.2MB
- MD5
  
  7c4d4eab0d344f857aedc257e94fa0bd
- SHA1
  
  c895b297e710b3782cd3577b7c1e508e8f7509cd
- SHA256
  
  c79e95b78900ab010b1304d3054f84ab2bb5e2e9d3b1e760063dc668e311c2a4
- SHA512
  
  01cfb4a837f3cf1197a6a8ebccfe8b42db04581090e8f29747456daed16ac67a6b4372bd4bcdda1e7c38ec348105fee9a613b33ee53dbee7ce3cfa5adb8af0d8
- SSDEEP
  
  12288:75RZq4V3xwt867Dvq/XWBTmMVCnJNFAlGvGHcgFknHteA9j:xV3uL7DvaGmM2pi18LnIA5
Score

7^/10
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2