6ec2a7497a108851decf0497bee3dcef84a4dbcd43a699c531465a84f1412674 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ec2a7497a108851decf0497bee3dcef84a4dbcd43a699c531465a84f1412674
Size

2.6MB
Sample

220919-2bf8rsfbem
MD5

bf599d1612d5de7ca8fdea16632a63b1
SHA1

80478e186dc8aaf482b9b197c651b8782e109a19
SHA256

6ec2a7497a108851decf0497bee3dcef84a4dbcd43a699c531465a84f1412674
SHA512

d0fabed7d489fdae53d538a842660280ab884ef3c051035018686f9cb989ab459dc7e663fc47d8d709a504ea0868050c4a44ce2e5fa5cbde7fe6e3e1ae16e187
SSDEEP

49152:/f5ogOEiHx51+56F16ogFaVN+we4Y28Fa+EQ7ujORpkLdZKMef6bL:/fKnxvhCoZV2pk4ujORpkLdUMemL

Score

8^/10

Malware Config

Targets

- Target
  
  6ec2a7497a108851decf0497bee3dcef84a4dbcd43a699c531465a84f1412674
- Size
  
  2.6MB
- MD5
  
  bf599d1612d5de7ca8fdea16632a63b1
- SHA1
  
  80478e186dc8aaf482b9b197c651b8782e109a19
- SHA256
  
  6ec2a7497a108851decf0497bee3dcef84a4dbcd43a699c531465a84f1412674
- SHA512
  
  d0fabed7d489fdae53d538a842660280ab884ef3c051035018686f9cb989ab459dc7e663fc47d8d709a504ea0868050c4a44ce2e5fa5cbde7fe6e3e1ae16e187
- SSDEEP
  
  49152:/f5ogOEiHx51+56F16ogFaVN+we4Y28Fa+EQ7ujORpkLdZKMef6bL:/fKnxvhCoZV2pk4ujORpkLdUMemL
Score

8^/10
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2