f9a994e6e546c540ddb863a31066a483c5d8fc21478348ecf6a60c7bc8a01891 | Triage

Sharing

General

Target

f9a994e6e546c540ddb863a31066a483c5d8fc21478348ecf6a60c7bc8a01891
Size

2.2MB
Sample

220916-2cx8nscfbm
MD5

954b7677eb947236a313bd1fb0407067
SHA1

77f87d4d8b12ba64b28cc8536ebf40dcec51f195
SHA256

f9a994e6e546c540ddb863a31066a483c5d8fc21478348ecf6a60c7bc8a01891
SHA512

1c1bbf76f125b922c3da154a781dc7a59aafb57362dd8a642a43a26d1fbbad463c9330c4f77c658c634b5064312d0888993d7384da88f9b303ce894ef8db6f1f
SSDEEP

49152:2pS0zCZLl3G0u84DzZmg+rZhJQMJDh3IkyRusbg:2T2hDu84Bmhrz/JDh3IkyRr

Score

8^/10

Malware Config

Targets

- Target
  
  f9a994e6e546c540ddb863a31066a483c5d8fc21478348ecf6a60c7bc8a01891
- Size
  
  2.2MB
- MD5
  
  954b7677eb947236a313bd1fb0407067
- SHA1
  
  77f87d4d8b12ba64b28cc8536ebf40dcec51f195
- SHA256
  
  f9a994e6e546c540ddb863a31066a483c5d8fc21478348ecf6a60c7bc8a01891
- SHA512
  
  1c1bbf76f125b922c3da154a781dc7a59aafb57362dd8a642a43a26d1fbbad463c9330c4f77c658c634b5064312d0888993d7384da88f9b303ce894ef8db6f1f
- SSDEEP
  
  49152:2pS0zCZLl3G0u84DzZmg+rZhJQMJDh3IkyRusbg:2T2hDu84Bmhrz/JDh3IkyRr
Score

8^/10
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2