3ef886ad71e5fc825b9b608b3f80ce2a3c3dafc0ecc1bc7dc9721c6855898bc6 | Triage

Resubmissions

02/10/2024, 14:25

241002-rrnyfavbrh 5

02/10/2024, 14:22

241002-rpr73s1blj 5

Sharing

Copy URL Twitter E-mail

General

Target

Purchase Order.exe
Size

1.3MB
Sample

241002-rrnyfavbrh
MD5

4bf3c3730f87303d462d33cd7439d24e
SHA1

0b242ca2f09aca59d55bfcac3c6842d3b5ed2578
SHA256

3ef886ad71e5fc825b9b608b3f80ce2a3c3dafc0ecc1bc7dc9721c6855898bc6
SHA512

2e6a92fed0ef35dc8a52a764baebbd2dbcd3920e8107b7381e00ef95185e668a0803fb891d3053509f7f867efba0e37738b19bc755df83bc9d9943768bea482a
SSDEEP

24576:ffmMv6Ckr7Mny5QLYVaCcMTEq686HA5KILVmPHt:f3v+7/5QLYRcwr6lH7IgPN

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  Purchase Order.exe
- Size
  
  1.3MB
- MD5
  
  4bf3c3730f87303d462d33cd7439d24e
- SHA1
  
  0b242ca2f09aca59d55bfcac3c6842d3b5ed2578
- SHA256
  
  3ef886ad71e5fc825b9b608b3f80ce2a3c3dafc0ecc1bc7dc9721c6855898bc6
- SHA512
  
  2e6a92fed0ef35dc8a52a764baebbd2dbcd3920e8107b7381e00ef95185e668a0803fb891d3053509f7f867efba0e37738b19bc755df83bc9d9943768bea482a
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLYVaCcMTEq686HA5KILVmPHt:f3v+7/5QLYRcwr6lH7IgPN
Score

5^/10

discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4