3499d32bb1fe8201bc02559e1b352e97ea411bccf4ca651a662d0135566db177 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3499d32bb1fe8201bc02559e1b352e97ea411bccf4ca651a662d0135566db177
Size

6.0MB
Sample

220923-17rtpsaad6
MD5

0a4a6952c4fe113579df7d58470d3413
SHA1

a8eb01d5050996c1664ea1f1e4a9eb07a089f928
SHA256

3499d32bb1fe8201bc02559e1b352e97ea411bccf4ca651a662d0135566db177
SHA512

0810832a47f146594b0e3619094b08da04750e43388106040017847a292a974ddb444a17a332793da48432b23952e046867ac9895c35ca4ca7fab16eaa397668
SSDEEP

98304:DEznIBY/V+PrhYeF5hv89culM+uaOK5ZrdW9PaexK6ls04P2xo33xxOyF+LTRXO:DErIbDhY6AcqPuo57MaexK6lXcrORRy

Score

8^/10

Malware Config

Targets

- Target
  
  3499d32bb1fe8201bc02559e1b352e97ea411bccf4ca651a662d0135566db177
- Size
  
  6.0MB
- MD5
  
  0a4a6952c4fe113579df7d58470d3413
- SHA1
  
  a8eb01d5050996c1664ea1f1e4a9eb07a089f928
- SHA256
  
  3499d32bb1fe8201bc02559e1b352e97ea411bccf4ca651a662d0135566db177
- SHA512
  
  0810832a47f146594b0e3619094b08da04750e43388106040017847a292a974ddb444a17a332793da48432b23952e046867ac9895c35ca4ca7fab16eaa397668
- SSDEEP
  
  98304:DEznIBY/V+PrhYeF5hv89culM+uaOK5ZrdW9PaexK6ls04P2xo33xxOyF+LTRXO:DErIbDhY6AcqPuo57MaexK6lXcrORRy
Score

8^/10
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2