Alternative Hack.zip

General

Target: Alternative Hack.zip
Size: 5MB
Sample: 210408-pclltxkwqn
Score: 8/10
MD5: 1b8d616982ecd725abde6678190223c9
SHA1: fe1a1032eed7358030c6f51d911ff5d575b739d8
SHA256: cb1a504074193603bc5921b796e755cd3c8ba14f3fb9cc1223157b6433c854c7
SHA512: 5700115b9cfd0c75ca6ee6092430e9638043d4928bfa1ac530da99e27cb18daae8f50f7ce9c3272a494f3a7c9160277de967d69e14b5d34e252f0c144a1ac208

Malware Config

Targets

Target: stfu.dll
MD5: bec24bf7ee8a0d5c3aa2cd660f2d83f4
Filesize: 6MB
Score: 8/10
SHA1: d20a60b765c112be47ddbe770bc3f1b975099055
SHA256: bea73fc78ecf3960308614239238ac473328b36f9096b5d3411686431d551345
SHA512: 01ee1aee2e7b808939749c73f0955e85150e8e068f8c826edbce2517d8e1069a48fbec3b0d4be4ac90369da90514f651a82c343506c17f734db131489dd93738

Signatures

  • Blocklisted process makes network request

  • Suspicious use of NtSetInformationThreadHideFromDebugger

Related Tasks

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1

  • behavioral1 (score 1/10)

  • behavioral2 (score 8/10)