565cfacba6993d9502dcf0fe3f2d6fe9cf06f307adb18fede585b75b3acb50c4 | Triage

Sharing

General

Target

37785a8f7ec3870554346ffcd864dbee
Size

1000KB
Sample

231231-qfx7asgefm
MD5

37785a8f7ec3870554346ffcd864dbee
SHA1

99433ac4eef7fc441809b2f9264b1e5a4078f50d
SHA256

565cfacba6993d9502dcf0fe3f2d6fe9cf06f307adb18fede585b75b3acb50c4
SHA512

ec7774d922273212cc97df20fe16c387a45f729a240a48ecbd2ef0bbbefcb2a5b7717ca01bc315738bc3789890a66b5ef9fa35148b5a79c5bab71b0facf54e8f
SSDEEP

24576:dkOlNnsSDfRIGcWPjXwGMZGRjf58/qnmGn/PBZU2O9HBExTjgcXre971B+5vMiqd:5nl1kWPjXzCKYqOL

Score

7^/10

Malware Config

Targets

- Target
  
  37785a8f7ec3870554346ffcd864dbee
- Size
  
  1000KB
- MD5
  
  37785a8f7ec3870554346ffcd864dbee
- SHA1
  
  99433ac4eef7fc441809b2f9264b1e5a4078f50d
- SHA256
  
  565cfacba6993d9502dcf0fe3f2d6fe9cf06f307adb18fede585b75b3acb50c4
- SHA512
  
  ec7774d922273212cc97df20fe16c387a45f729a240a48ecbd2ef0bbbefcb2a5b7717ca01bc315738bc3789890a66b5ef9fa35148b5a79c5bab71b0facf54e8f
- SSDEEP
  
  24576:dkOlNnsSDfRIGcWPjXwGMZGRjf58/qnmGn/PBZU2O9HBExTjgcXre971B+5vMiqd:5nl1kWPjXzCKYqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2