General

  • Target

    43da4a5b49ccb925b25e60f22431240f

  • Size

    506KB

  • Sample

    240105-q65ztsecf5

  • MD5

    43da4a5b49ccb925b25e60f22431240f

  • SHA1

    558dc8562122e1f7649ce1fd61f931de34591115

  • SHA256

    4cd58ee727fe0fb78a9057c153bd197496e929ba0d635532c5fdd8c052d36907

  • SHA512

    4e3d363f66bf0b1c620b0854d635e3b64c9cdbfc41efb49f33565afc1ebc6815742e983a83c924a7b9284b8a4c3e65b10f37ca6dc747f9426aac444c5904810b

  • SSDEEP

    12288:GKp/JnyLvCDRvZmMQRPjI1goM/iw509IjC:NlyLWX+bI1jw091

Score
7/10

Malware Config

Targets

    • Target

      43da4a5b49ccb925b25e60f22431240f

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks