830c7fb52e3b658c659f379eaab6b98303f43de57f6c51be9f517fba11ebd471 | Triage

Sharing

General

Target

3f1b4fcf585eed8bf8b6face17262abf.bin
Size

1000KB
Sample

240105-cx8sgahcd2
MD5

3f1b4fcf585eed8bf8b6face17262abf
SHA1

f723b614c5de4f4d02abd71f0bba47489bf37211
SHA256

830c7fb52e3b658c659f379eaab6b98303f43de57f6c51be9f517fba11ebd471
SHA512

44959d5ccd342a0faf33831b8da8e096e685b9d015a3d67778f44096fcee3c8de1a2fadea38a6b579e98b06c27230fead2192d92e2a490f2712befb67a6978f1
SSDEEP

24576:JTgKlHhONl73vFuSj+aTCG1B+5vMiqt0gj2ed:JcDNtFQaTCkqOL

Score

7^/10

Malware Config

Targets

- Target
  
  3f1b4fcf585eed8bf8b6face17262abf.bin
- Size
  
  1000KB
- MD5
  
  3f1b4fcf585eed8bf8b6face17262abf
- SHA1
  
  f723b614c5de4f4d02abd71f0bba47489bf37211
- SHA256
  
  830c7fb52e3b658c659f379eaab6b98303f43de57f6c51be9f517fba11ebd471
- SHA512
  
  44959d5ccd342a0faf33831b8da8e096e685b9d015a3d67778f44096fcee3c8de1a2fadea38a6b579e98b06c27230fead2192d92e2a490f2712befb67a6978f1
- SSDEEP
  
  24576:JTgKlHhONl73vFuSj+aTCG1B+5vMiqt0gj2ed:JcDNtFQaTCkqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2