040a5d6cc3d671fa01d0b1e0d6ba625cea80d95174ec18e251f492f3e3583563 | Triage

Sharing

General

Target

040a5d6cc3d671fa01d0b1e0d6ba625cea80d95174ec18e251f492f3e3583563
Size

2.2MB
Sample

220921-l991qsgad8
MD5

3e3aa16db634215793db4ae1020e9339
SHA1

e252bd73777b89481f0a9b474a129a4e67d0c867
SHA256

040a5d6cc3d671fa01d0b1e0d6ba625cea80d95174ec18e251f492f3e3583563
SHA512

540c67049d516bf1276b9bafb267030b71f7844be12e2b1cf8f56d79ff9653ca0dee727d7c9f4f9b34085c4ab02711ec2ecb9ec4ec031a5cd284f9812391ad0b
SSDEEP

49152:yHXH3tMnQ2KC2sl/TGN9cZSs4gD/LA3VYdINUWy3gCM:yHtMnQ2V7SiCc3dINUDg

Score

8^/10

Malware Config

Targets

- Target
  
  040a5d6cc3d671fa01d0b1e0d6ba625cea80d95174ec18e251f492f3e3583563
- Size
  
  2.2MB
- MD5
  
  3e3aa16db634215793db4ae1020e9339
- SHA1
  
  e252bd73777b89481f0a9b474a129a4e67d0c867
- SHA256
  
  040a5d6cc3d671fa01d0b1e0d6ba625cea80d95174ec18e251f492f3e3583563
- SHA512
  
  540c67049d516bf1276b9bafb267030b71f7844be12e2b1cf8f56d79ff9653ca0dee727d7c9f4f9b34085c4ab02711ec2ecb9ec4ec031a5cd284f9812391ad0b
- SSDEEP
  
  49152:yHXH3tMnQ2KC2sl/TGN9cZSs4gD/LA3VYdINUWy3gCM:yHtMnQ2V7SiCc3dINUDg
Score

8^/10
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2