148880146b8f4570468116fc6f4c22d7a3dddea3edc44ae930701468dd038ffa | Triage

Sharing

General

Target

4c91f101715125b1ea68f5002d8a5593
Size

506KB
Sample

240108-1zse9sdahm
MD5

4c91f101715125b1ea68f5002d8a5593
SHA1

f092c40bd3a64ba835136c951e2f98e5f196f2f2
SHA256

148880146b8f4570468116fc6f4c22d7a3dddea3edc44ae930701468dd038ffa
SHA512

ab06e2ed7fc686658570b4569d56de7320956f7daae45c8b9f95c68029ca84e9bf6298ba9b97439382cfbb12adcf75c125a2fcb88ead5cded09b8ee693f3c92a
SSDEEP

12288:ZPnaoJfS+rkxKE7PAzeSrG6BAKiY/itz13C261raELjkq9:o+WKErAy5S2x3D61GAF9

Score

7^/10

Malware Config

Targets

- Target
  
  4c91f101715125b1ea68f5002d8a5593
- Size
  
  506KB
- MD5
  
  4c91f101715125b1ea68f5002d8a5593
- SHA1
  
  f092c40bd3a64ba835136c951e2f98e5f196f2f2
- SHA256
  
  148880146b8f4570468116fc6f4c22d7a3dddea3edc44ae930701468dd038ffa
- SHA512
  
  ab06e2ed7fc686658570b4569d56de7320956f7daae45c8b9f95c68029ca84e9bf6298ba9b97439382cfbb12adcf75c125a2fcb88ead5cded09b8ee693f3c92a
- SSDEEP
  
  12288:ZPnaoJfS+rkxKE7PAzeSrG6BAKiY/itz13C261raELjkq9:o+WKErAy5S2x3D61GAF9
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2