f7d65ca5f001f1aa91cb78721000edfdad981d31128000d627240e9d14731b99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cfd237a6ffd85fb041b647d6f91371e
Size

855KB
Sample

240109-bxyrtsaedj
MD5

4cfd237a6ffd85fb041b647d6f91371e
SHA1

fabc1fc05e5f1cc3b64cd93c7e4da084693fb186
SHA256

f7d65ca5f001f1aa91cb78721000edfdad981d31128000d627240e9d14731b99
SHA512

f44853e18ea7ee0af8cf6cf7581a01f76618b68a49a1472da02e1d0f752afa48c30eb168ff9b878a9f65c798e3258f475840227ca1f54d6656efc9eb4596c3f2
SSDEEP

12288:lXueCFMXQ94t0sOzpf9rg6Q4wSkJd0+yTW+v80D3Fo2F8IECaBwQ2tb5JLrnylU6:lXuhOSsed9ESh+uRd7FocU1B+5vMiqx

Score

7^/10

Malware Config

Targets

- Target
  
  4cfd237a6ffd85fb041b647d6f91371e
- Size
  
  855KB
- MD5
  
  4cfd237a6ffd85fb041b647d6f91371e
- SHA1
  
  fabc1fc05e5f1cc3b64cd93c7e4da084693fb186
- SHA256
  
  f7d65ca5f001f1aa91cb78721000edfdad981d31128000d627240e9d14731b99
- SHA512
  
  f44853e18ea7ee0af8cf6cf7581a01f76618b68a49a1472da02e1d0f752afa48c30eb168ff9b878a9f65c798e3258f475840227ca1f54d6656efc9eb4596c3f2
- SSDEEP
  
  12288:lXueCFMXQ94t0sOzpf9rg6Q4wSkJd0+yTW+v80D3Fo2F8IECaBwQ2tb5JLrnylU6:lXuhOSsed9ESh+uRd7FocU1B+5vMiqx
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2