cfc17220cc27f6db2bc14708bd57c1d34fb64c598669e5db98e05a2b582dbe1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cf63be17f4a3a731b89070570862328
Size

1000KB
Sample

240101-qkcq6aebf4
MD5

3cf63be17f4a3a731b89070570862328
SHA1

000b76dfed3859062adc56e442c088eb4d97ebdc
SHA256

cfc17220cc27f6db2bc14708bd57c1d34fb64c598669e5db98e05a2b582dbe1e
SHA512

fce8bc5ac68ebfb3616297a57425aede2946f59f6e8f1ed3b266c053dddccc72ace172a943085f4849f8557f8bfbff456fccc422a39b20409e00be8312c53b9c
SSDEEP

24576:lUuGwj6nAcdPfs5F4G1B+5vMiqt0gj2ed:AfAi+F4kqOL

Score

7^/10

Malware Config

Targets

- Target
  
  3cf63be17f4a3a731b89070570862328
- Size
  
  1000KB
- MD5
  
  3cf63be17f4a3a731b89070570862328
- SHA1
  
  000b76dfed3859062adc56e442c088eb4d97ebdc
- SHA256
  
  cfc17220cc27f6db2bc14708bd57c1d34fb64c598669e5db98e05a2b582dbe1e
- SHA512
  
  fce8bc5ac68ebfb3616297a57425aede2946f59f6e8f1ed3b266c053dddccc72ace172a943085f4849f8557f8bfbff456fccc422a39b20409e00be8312c53b9c
- SSDEEP
  
  24576:lUuGwj6nAcdPfs5F4G1B+5vMiqt0gj2ed:AfAi+F4kqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2