a832c6c96a31075ab3f04e37f40e542d75c5f7b88e80574e283845bd35a01d11 | Triage

Sharing

General

Target

506d442f550ae7277c111faa9d7bde6f
Size

506KB
Sample

240110-njcnnafda2
MD5

506d442f550ae7277c111faa9d7bde6f
SHA1

d2188d5ecd021a2eedc19001ac06e510638b4100
SHA256

a832c6c96a31075ab3f04e37f40e542d75c5f7b88e80574e283845bd35a01d11
SHA512

b545b4d33266db0f30ce9e6d0eb10a4076800e2cea77752c513ab20673cff63b99b5c4b9388795ae3b9755eea99aa6ef17dd5e1419980c728bcacc785cc12b17
SSDEEP

12288:KFDI9l8n7+kgyp4vaDD+TPMbJM5UzRXzui3UDuZjNG2wzLDiOcy:xs7+k/KaDWUxz9v3PNx8l

Score

7^/10

Malware Config

Targets

- Target
  
  506d442f550ae7277c111faa9d7bde6f
- Size
  
  506KB
- MD5
  
  506d442f550ae7277c111faa9d7bde6f
- SHA1
  
  d2188d5ecd021a2eedc19001ac06e510638b4100
- SHA256
  
  a832c6c96a31075ab3f04e37f40e542d75c5f7b88e80574e283845bd35a01d11
- SHA512
  
  b545b4d33266db0f30ce9e6d0eb10a4076800e2cea77752c513ab20673cff63b99b5c4b9388795ae3b9755eea99aa6ef17dd5e1419980c728bcacc785cc12b17
- SSDEEP
  
  12288:KFDI9l8n7+kgyp4vaDD+TPMbJM5UzRXzui3UDuZjNG2wzLDiOcy:xs7+k/KaDWUxz9v3PNx8l
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2