d73f013084c2c07a5b463e9080be419da464fe8534ed68b55b13f61687ea8793 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49eee06d5c87d5ae706c4450be9daf5d
Size

1000KB
Sample

240107-2cl6eafdhl
MD5

49eee06d5c87d5ae706c4450be9daf5d
SHA1

a560de835ddf0d5f430cd891383f3b4a10db4fdd
SHA256

d73f013084c2c07a5b463e9080be419da464fe8534ed68b55b13f61687ea8793
SHA512

314e51d3300e7081267a8aa6c4a84bdcb3c6212a78f7e0cda00fe54327d4029e24ca835aa2df2eb3d7b93ff359a0b20bef712146c6acba07aa53d36c6d5d89b6
SSDEEP

24576:WsemtTWfypdjI0ixlaEnNBzd7fVL1B+5vMiqt0gj2ed:feYCf6d00ihnNBR7hqOL

Score

7^/10

Malware Config

Targets

- Target
  
  49eee06d5c87d5ae706c4450be9daf5d
- Size
  
  1000KB
- MD5
  
  49eee06d5c87d5ae706c4450be9daf5d
- SHA1
  
  a560de835ddf0d5f430cd891383f3b4a10db4fdd
- SHA256
  
  d73f013084c2c07a5b463e9080be419da464fe8534ed68b55b13f61687ea8793
- SHA512
  
  314e51d3300e7081267a8aa6c4a84bdcb3c6212a78f7e0cda00fe54327d4029e24ca835aa2df2eb3d7b93ff359a0b20bef712146c6acba07aa53d36c6d5d89b6
- SSDEEP
  
  24576:WsemtTWfypdjI0ixlaEnNBzd7fVL1B+5vMiqt0gj2ed:feYCf6d00ihnNBR7hqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2