d8c9ccdb1b904508ca005a3881d51bcea9af29842f834fc90af135eecb46dcad | Triage

Sharing

General

Target

4e2c7d2b9f53eba21adda96b4f20c7c2
Size

506KB
Sample

240109-njd7gsgcdr
MD5

4e2c7d2b9f53eba21adda96b4f20c7c2
SHA1

c5c8a3f25cb5857a9d0b6ddf674e323de335beb5
SHA256

d8c9ccdb1b904508ca005a3881d51bcea9af29842f834fc90af135eecb46dcad
SHA512

ebaa4edb8922031935c80f626a5d08dc4c4485de6ae1935a6a455a5a6b8c11d8d9fb829e4dff38ff1d8f61caa22563d0f3f72e7d989882503f43480ad8cbb77f
SSDEEP

6144:C161TX5oeV2D0XdazMeRcri7vVdXegm6Y8Oq9/S+Pxx++7YdL5JtaDg3ELhmli5T:Cg1VIkdeRcGPo6/yQvN8TNc5UbXnA

Score

7^/10

Malware Config

Targets

- Target
  
  4e2c7d2b9f53eba21adda96b4f20c7c2
- Size
  
  506KB
- MD5
  
  4e2c7d2b9f53eba21adda96b4f20c7c2
- SHA1
  
  c5c8a3f25cb5857a9d0b6ddf674e323de335beb5
- SHA256
  
  d8c9ccdb1b904508ca005a3881d51bcea9af29842f834fc90af135eecb46dcad
- SHA512
  
  ebaa4edb8922031935c80f626a5d08dc4c4485de6ae1935a6a455a5a6b8c11d8d9fb829e4dff38ff1d8f61caa22563d0f3f72e7d989882503f43480ad8cbb77f
- SSDEEP
  
  6144:C161TX5oeV2D0XdazMeRcri7vVdXegm6Y8Oq9/S+Pxx++7YdL5JtaDg3ELhmli5T:Cg1VIkdeRcGPo6/yQvN8TNc5UbXnA
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2