4b4fb44a64e694338337501f468d100f4920338cbcd96e42d9fd66dd1393dd2b | Triage

Sharing

General

Target

7e2e2ca70c3a87b22f04b0cb91fbc30b
Size

506KB
Sample

231226-vdthjsfbg6
MD5

7e2e2ca70c3a87b22f04b0cb91fbc30b
SHA1

f66aef347b09ede6ed8e1a45e8657678618a74ad
SHA256

4b4fb44a64e694338337501f468d100f4920338cbcd96e42d9fd66dd1393dd2b
SHA512

5343271f364cdef18c4bf3487a3797c55dd61df82ef086bff20ca3a8993ddb4098d380a5e90a6c6a5ef867d2cd6afb4b85e629b6d8cdc2c19a564d6abc37f45d
SSDEEP

12288:zn7E3WOGdiFTLa7xme0vTjkvNuxbCoak0aOrWfL5LE3gEQ/Z1ZpC/Fo2NUJpOwiG:QTXEW103gEQAzCh

Score

7^/10

Malware Config

Targets

- Target
  
  7e2e2ca70c3a87b22f04b0cb91fbc30b
- Size
  
  506KB
- MD5
  
  7e2e2ca70c3a87b22f04b0cb91fbc30b
- SHA1
  
  f66aef347b09ede6ed8e1a45e8657678618a74ad
- SHA256
  
  4b4fb44a64e694338337501f468d100f4920338cbcd96e42d9fd66dd1393dd2b
- SHA512
  
  5343271f364cdef18c4bf3487a3797c55dd61df82ef086bff20ca3a8993ddb4098d380a5e90a6c6a5ef867d2cd6afb4b85e629b6d8cdc2c19a564d6abc37f45d
- SSDEEP
  
  12288:zn7E3WOGdiFTLa7xme0vTjkvNuxbCoak0aOrWfL5LE3gEQ/Z1ZpC/Fo2NUJpOwiG:QTXEW103gEQAzCh
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2