241a63ae9b38398c8b01a096d48ee5d36fe95c1277da2828015c1ff82d0d2e11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28092024_0103_27092024_Doctor firm order form.lzh
Size

652KB
Sample

240928-bemxls1dqb
MD5

eb8330f71bfd73d499cf310e3a7e9332
SHA1

c0c5defe21c502faf32fff77f5a81ed1661cc1aa
SHA256

241a63ae9b38398c8b01a096d48ee5d36fe95c1277da2828015c1ff82d0d2e11
SHA512

de8eeea12dddac19b63101c00964eb86424ec062e3af20d04ce599dedcecb7545ce9d52683a1c8ff8a9381b94f603de4d1d4cd2a3b717794384d1834ea167cdd
SSDEEP

12288:2NcvalIJWjjyPbHq0q/Js8E0x4ugRoOLqRXfUNjIiPOmGQ1KSmht9NOO6tQJ7o:2N3IojMq0qxRE/uMscfPAsmL/mT

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  Doctor firm order form.exe
- Size
  
  669KB
- MD5
  
  7921d3a2df6061b71d17c17db395b7e0
- SHA1
  
  3e4fcc203670021c89724d79519c173b3f65e987
- SHA256
  
  d93978a9bffc17a585440b55863b852331f8a24bd2f13ab16a32c5ccbcf9eddd
- SHA512
  
  79b82ba94f911a9a750d69018ab4660c76d9130de24d27c02562ea3232dff90d89e13a7165c72fa87cb25d042d1371ebc0fe827b17ba25416a5652d01883d270
- SSDEEP
  
  12288:YI9A8OQDqMbCU82kfGYOO5Xf/exzg+EUPi0j3e04YoJwRg5vNKW3JugtzZCGGVLc:YIKNWqMX82kfGYOc/OzgOaIu0ROwRSNN
Score

5^/10

discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2