e1f14a44d63d931b1adc8aa4b7502489d24c61d24867cc5143b738271be30d06 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1f14a44d63d931b1adc8aa4b7502489d24c61d24867cc5143b738271be30d06
Size

2.7MB
Sample

220924-me2asabag9
MD5

533244692811a045ab0196075601a5e8
SHA1

d767e5fd2e2ecfb84c6b698f3da2acb1b45e1101
SHA256

e1f14a44d63d931b1adc8aa4b7502489d24c61d24867cc5143b738271be30d06
SHA512

a2d403c75887dbfb0c423c8ca8d47a6f684f21b91b66ecad7ab2ccf6fab96f5a5a01efaf53fb03d47357dec6edfb5afa9ac9bd5425265fef5c264af9a0ba28b4
SSDEEP

49152:Jcj/tvWu3aPukI16LlRNYn1qgJcwCb9098ebMt0NunlgcMTW72ja:8/t+u3aP1k6ZLYnIg8ebMAu1d

Score

8^/10

Malware Config

Targets

- Target
  
  e1f14a44d63d931b1adc8aa4b7502489d24c61d24867cc5143b738271be30d06
- Size
  
  2.7MB
- MD5
  
  533244692811a045ab0196075601a5e8
- SHA1
  
  d767e5fd2e2ecfb84c6b698f3da2acb1b45e1101
- SHA256
  
  e1f14a44d63d931b1adc8aa4b7502489d24c61d24867cc5143b738271be30d06
- SHA512
  
  a2d403c75887dbfb0c423c8ca8d47a6f684f21b91b66ecad7ab2ccf6fab96f5a5a01efaf53fb03d47357dec6edfb5afa9ac9bd5425265fef5c264af9a0ba28b4
- SSDEEP
  
  49152:Jcj/tvWu3aPukI16LlRNYn1qgJcwCb9098ebMt0NunlgcMTW72ja:8/t+u3aP1k6ZLYnIg8ebMAu1d
Score

8^/10
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2