3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6
Size

2.7MB
Sample

220915-16bq4ahhdl
MD5

3e6ab81cb664ef45c63e199d29482770
SHA1

bda51008a7daa74647251d6d5a77fdb856210301
SHA256

3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6
SHA512

fe71b8e01e255c1b18df315f10eb21c869bdd97d2c7f32c45b09ccae6fbfce46fc501f1aa8951a598514de9a32326246d31b8bac9930aab6944986a483ee5031
SSDEEP

49152:DfOs9NOgoQwALr0SJPhFjvGriy0v9IQ2N6/wshHb0e517ytyrCmuC5X1HK:DLv7wq9bGrFc9F2dsZgwytyrLTH

Score

8^/10

Malware Config

Targets

- Target
  
  3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6
- Size
  
  2.7MB
- MD5
  
  3e6ab81cb664ef45c63e199d29482770
- SHA1
  
  bda51008a7daa74647251d6d5a77fdb856210301
- SHA256
  
  3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6
- SHA512
  
  fe71b8e01e255c1b18df315f10eb21c869bdd97d2c7f32c45b09ccae6fbfce46fc501f1aa8951a598514de9a32326246d31b8bac9930aab6944986a483ee5031
- SSDEEP
  
  49152:DfOs9NOgoQwALr0SJPhFjvGriy0v9IQ2N6/wshHb0e517ytyrCmuC5X1HK:DLv7wq9bGrFc9F2dsZgwytyrLTH
Score

8^/10
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2