f00bf72f53a170668d43b69fcff3db148513d8a52f3a8aec0f9a41f285b77272 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4234fe24bb1b9a2ef36b97dd745db1ad
Size

1000KB
Sample

240104-3le9wsefg4
MD5

4234fe24bb1b9a2ef36b97dd745db1ad
SHA1

cd4a044ebddc309193b5c4c83e56e6cda272c399
SHA256

f00bf72f53a170668d43b69fcff3db148513d8a52f3a8aec0f9a41f285b77272
SHA512

31f42132cec449417e0c3d46c3839b723f99234824657140c1c7c129a2f4a33c824320435f08956e197f370d744c3265c727fe340d327bdd7e65be092a4db164
SSDEEP

24576:lJZ73kKvUITyRl9BCISOFfrh1B+5vMiqt0gj2ed:PiKvUIa9pjdqOL

Score

7^/10

Malware Config

Targets

- Target
  
  4234fe24bb1b9a2ef36b97dd745db1ad
- Size
  
  1000KB
- MD5
  
  4234fe24bb1b9a2ef36b97dd745db1ad
- SHA1
  
  cd4a044ebddc309193b5c4c83e56e6cda272c399
- SHA256
  
  f00bf72f53a170668d43b69fcff3db148513d8a52f3a8aec0f9a41f285b77272
- SHA512
  
  31f42132cec449417e0c3d46c3839b723f99234824657140c1c7c129a2f4a33c824320435f08956e197f370d744c3265c727fe340d327bdd7e65be092a4db164
- SSDEEP
  
  24576:lJZ73kKvUITyRl9BCISOFfrh1B+5vMiqt0gj2ed:PiKvUIa9pjdqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2