fecc74aa721e7297f18e9a658a8e4a1de148c81bad596ee21f2e77d90f4c80df | Triage

Sharing

General

Target

54dba09ffda8e11d6cf4fbb7a187c7d9
Size

771KB
Sample

240111-3apn7abbc4
MD5

54dba09ffda8e11d6cf4fbb7a187c7d9
SHA1

52cf6b5a441c914659aa818cfc101851ab4a41c1
SHA256

fecc74aa721e7297f18e9a658a8e4a1de148c81bad596ee21f2e77d90f4c80df
SHA512

365e4661408f85b18eb643625345fc66f68218345f068de2e3af0d060d961aa374285e12ee1f2deadd3c9cadd5771b6b9311f378d05d3a5410a16306bb84026d
SSDEEP

24576:1aR/4A3lhoI3S9E9wmDoRIOfg01B+5vM0:1qbi9E9wmURDgmc

Score

7^/10

Malware Config

Targets

- Target
  
  54dba09ffda8e11d6cf4fbb7a187c7d9
- Size
  
  771KB
- MD5
  
  54dba09ffda8e11d6cf4fbb7a187c7d9
- SHA1
  
  52cf6b5a441c914659aa818cfc101851ab4a41c1
- SHA256
  
  fecc74aa721e7297f18e9a658a8e4a1de148c81bad596ee21f2e77d90f4c80df
- SHA512
  
  365e4661408f85b18eb643625345fc66f68218345f068de2e3af0d060d961aa374285e12ee1f2deadd3c9cadd5771b6b9311f378d05d3a5410a16306bb84026d
- SSDEEP
  
  24576:1aR/4A3lhoI3S9E9wmDoRIOfg01B+5vM0:1qbi9E9wmURDgmc
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2