9d1b3af781ebed4d665952b596cb35c9cec0a17ee12bee5d51a87249a2782524 | Triage

Sharing

General

Target

4295346ce8f8f44490ac246383539854
Size

1000KB
Sample

240105-dd7lqsgfbl
MD5

4295346ce8f8f44490ac246383539854
SHA1

37e770722c0fd0445e8bfafce20177186b524abd
SHA256

9d1b3af781ebed4d665952b596cb35c9cec0a17ee12bee5d51a87249a2782524
SHA512

84de043c719defa5d5665872e3aae661f982ab5a8936dbcc618358e29709a00850341ec03a1f18539aebdade064511396936e0df5511cc7986a3d27c7278b951
SSDEEP

24576:5iSa15KbbUbv8/KZMuwf1B+5vMiqt0gj2ed:rUm0MR/qOL

Score

7^/10

Malware Config

Targets

- Target
  
  4295346ce8f8f44490ac246383539854
- Size
  
  1000KB
- MD5
  
  4295346ce8f8f44490ac246383539854
- SHA1
  
  37e770722c0fd0445e8bfafce20177186b524abd
- SHA256
  
  9d1b3af781ebed4d665952b596cb35c9cec0a17ee12bee5d51a87249a2782524
- SHA512
  
  84de043c719defa5d5665872e3aae661f982ab5a8936dbcc618358e29709a00850341ec03a1f18539aebdade064511396936e0df5511cc7986a3d27c7278b951
- SSDEEP
  
  24576:5iSa15KbbUbv8/KZMuwf1B+5vMiqt0gj2ed:rUm0MR/qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2