7da3e295f44b0e9a5c81ca11a0f408d460c7bff56e3bf72f8fdd36af558fa8b4 | Triage

Sharing

General

Target

41a83a730b9ced8a7ee2d1144b23a7d7
Size

506KB
Sample

240104-xl1myahaen
MD5

41a83a730b9ced8a7ee2d1144b23a7d7
SHA1

da786d4cfed1585b35b366d85c5b436fcb1d7464
SHA256

7da3e295f44b0e9a5c81ca11a0f408d460c7bff56e3bf72f8fdd36af558fa8b4
SHA512

33597ad83291d1797f4f7bac72d2e90bcf028bc549082de9f68ab1124bc7a34ce8df7dec3dc7ff86d94b2106f27e40d1c4ddc05401fea2aa23b9029044bc2226
SSDEEP

12288:+PgX44XAvmF1UYn23AyZRhn0Q4GYIqARtY/yB4:+Pg1XHFOq23JZfEG5m/64

Score

7^/10

Malware Config

Targets

- Target
  
  41a83a730b9ced8a7ee2d1144b23a7d7
- Size
  
  506KB
- MD5
  
  41a83a730b9ced8a7ee2d1144b23a7d7
- SHA1
  
  da786d4cfed1585b35b366d85c5b436fcb1d7464
- SHA256
  
  7da3e295f44b0e9a5c81ca11a0f408d460c7bff56e3bf72f8fdd36af558fa8b4
- SHA512
  
  33597ad83291d1797f4f7bac72d2e90bcf028bc549082de9f68ab1124bc7a34ce8df7dec3dc7ff86d94b2106f27e40d1c4ddc05401fea2aa23b9029044bc2226
- SSDEEP
  
  12288:+PgX44XAvmF1UYn23AyZRhn0Q4GYIqARtY/yB4:+Pg1XHFOq23JZfEG5m/64
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2