47f9738c59020ab6b0d613e3968a2ee26934345f1fd76e8506efcc81549a1eec | Triage

Sharing

General

Target

4a989fa71396e54cdc7d09844e9a9b1f
Size

506KB
Sample

240108-gf53gadbf3
MD5

4a989fa71396e54cdc7d09844e9a9b1f
SHA1

beb7d5db06b32233947954b43518fc649ce9abbd
SHA256

47f9738c59020ab6b0d613e3968a2ee26934345f1fd76e8506efcc81549a1eec
SHA512

d4659c110a0ca18f632628b7d454e4dd0a4fcb7527dd42290ae437245d0efe401c0686bb8f9ab1b75cd02deff60f873d1296407ac54d8f0419b43fdf2f635b9c
SSDEEP

12288:bd2DhG+ODmEm31agYDaSDjTwytaza9Y1OGtI1QXKYFc7jDj:wQ+REm31XeaSIza9GaYFAL

Score

7^/10

Malware Config

Targets

- Target
  
  4a989fa71396e54cdc7d09844e9a9b1f
- Size
  
  506KB
- MD5
  
  4a989fa71396e54cdc7d09844e9a9b1f
- SHA1
  
  beb7d5db06b32233947954b43518fc649ce9abbd
- SHA256
  
  47f9738c59020ab6b0d613e3968a2ee26934345f1fd76e8506efcc81549a1eec
- SHA512
  
  d4659c110a0ca18f632628b7d454e4dd0a4fcb7527dd42290ae437245d0efe401c0686bb8f9ab1b75cd02deff60f873d1296407ac54d8f0419b43fdf2f635b9c
- SSDEEP
  
  12288:bd2DhG+ODmEm31agYDaSDjTwytaza9Y1OGtI1QXKYFc7jDj:wQ+REm31XeaSIza9GaYFAL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2