be8ffc0c91b5e447946d1892d0119251f0b514dbd490045d402dc9e1e2fed2a0 | Triage

Sharing

General

Target

464411f0c7db8b5f8eec494db82f3d4f
Size

1000KB
Sample

240106-p1qghshge2
MD5

464411f0c7db8b5f8eec494db82f3d4f
SHA1

6ec326eb141c267b28ea263d619c0f58e509e16a
SHA256

be8ffc0c91b5e447946d1892d0119251f0b514dbd490045d402dc9e1e2fed2a0
SHA512

bce62c9c3b4c4959bec88e18f7b46d10847d1e073cdfa74d11a2fa6c07fa5180f5d49103f1f1f8787f83e06348270fca153fcd7c59cb80be3235fbb5f5f48bb1
SSDEEP

12288:sxcDxsHNiBnHTvB0EOvrehS1VECaBwQ2tb5JLrnylUPqt0gHDS7eyod:DmHynHjB0EmrehS81B+5vMiqt0gj2ed

Score

7^/10

Malware Config

Targets

- Target
  
  464411f0c7db8b5f8eec494db82f3d4f
- Size
  
  1000KB
- MD5
  
  464411f0c7db8b5f8eec494db82f3d4f
- SHA1
  
  6ec326eb141c267b28ea263d619c0f58e509e16a
- SHA256
  
  be8ffc0c91b5e447946d1892d0119251f0b514dbd490045d402dc9e1e2fed2a0
- SHA512
  
  bce62c9c3b4c4959bec88e18f7b46d10847d1e073cdfa74d11a2fa6c07fa5180f5d49103f1f1f8787f83e06348270fca153fcd7c59cb80be3235fbb5f5f48bb1
- SSDEEP
  
  12288:sxcDxsHNiBnHTvB0EOvrehS1VECaBwQ2tb5JLrnylUPqt0gHDS7eyod:DmHynHjB0EmrehS81B+5vMiqt0gj2ed
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2