b778d56f07e313698cbffcd2da113664bd53507f10d4795d58984a1c635feca8 | Triage

Sharing

General

Target

3f29cd0cfb5491555e73d139f7b22571
Size

1000KB
Sample

240103-17rtpsbegl
MD5

3f29cd0cfb5491555e73d139f7b22571
SHA1

134f47ae6a880fa204158f05e8a09d214455b25b
SHA256

b778d56f07e313698cbffcd2da113664bd53507f10d4795d58984a1c635feca8
SHA512

864474453a7346a53cba24f0baa70a37e01b339e776fc704286ef8da2ca3e9e21e6b4a862e9bf945d695bbd7c9a49c571090a11b4d50538f5e79393f158883c3
SSDEEP

24576:tgdg8/WBaQX/Heu6e8elM41B+5vMiqt0gj2ed:N7/QSqOL

Score

7^/10

Malware Config

Targets

- Target
  
  3f29cd0cfb5491555e73d139f7b22571
- Size
  
  1000KB
- MD5
  
  3f29cd0cfb5491555e73d139f7b22571
- SHA1
  
  134f47ae6a880fa204158f05e8a09d214455b25b
- SHA256
  
  b778d56f07e313698cbffcd2da113664bd53507f10d4795d58984a1c635feca8
- SHA512
  
  864474453a7346a53cba24f0baa70a37e01b339e776fc704286ef8da2ca3e9e21e6b4a862e9bf945d695bbd7c9a49c571090a11b4d50538f5e79393f158883c3
- SSDEEP
  
  24576:tgdg8/WBaQX/Heu6e8elM41B+5vMiqt0gj2ed:N7/QSqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2