b5ed70b476779b394767fea246dbd7c485c1b4d1d1615ed188d6c86c5ee06749 | Triage

Sharing

General

Target

NEAS.64c74017c516766686e28b6ad7b67650.exe
Size

257KB
Sample

231102-xzzykaga75
MD5

64c74017c516766686e28b6ad7b67650
SHA1

970e5d8e68ce545209cde40e32cb8c9d90d702e1
SHA256

b5ed70b476779b394767fea246dbd7c485c1b4d1d1615ed188d6c86c5ee06749
SHA512

fec0486c37cef7287870e748d3976fa8b65adea4f65f09a90a96c49519bc69f2622d82ee461a4611ee591aa76d43cb6ded9a8abd1d1fa52dd9258047209efc06
SSDEEP

6144:lSBePu+AeHzWM3FObg6ytRWbYjBWS7zMas+d+:woPjAeHzt4VytRWMjBp/Mas+c

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.64c74017c516766686e28b6ad7b67650.exe
- Size
  
  257KB
- MD5
  
  64c74017c516766686e28b6ad7b67650
- SHA1
  
  970e5d8e68ce545209cde40e32cb8c9d90d702e1
- SHA256
  
  b5ed70b476779b394767fea246dbd7c485c1b4d1d1615ed188d6c86c5ee06749
- SHA512
  
  fec0486c37cef7287870e748d3976fa8b65adea4f65f09a90a96c49519bc69f2622d82ee461a4611ee591aa76d43cb6ded9a8abd1d1fa52dd9258047209efc06
- SSDEEP
  
  6144:lSBePu+AeHzWM3FObg6ytRWbYjBWS7zMas+d+:woPjAeHzt4VytRWMjBp/Mas+c
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2