fb93b3197c7e85e672ac9fa1a7895b241f4cd932e40ce21ab5f3d06f4fbc4cfc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

534ba85ab21c5c7d73e099e7b16b63c1
Size

1000KB
Sample

240111-mqcfssfac7
MD5

534ba85ab21c5c7d73e099e7b16b63c1
SHA1

273a719900b96a3a0477c4e565c67742546fba1d
SHA256

fb93b3197c7e85e672ac9fa1a7895b241f4cd932e40ce21ab5f3d06f4fbc4cfc
SHA512

d941a341a0e41c87cb6efc0c0b91a4ca232168373e6c6e8208a91ec90cd57bf75fcd0589e7bc47c2f1cb7a896dca8fcaef838fa49c35feec89f85af11a3bcc74
SSDEEP

24576:TYIRTkFDtDPxGfZppplEpImBahMr1B+5vMiqt0gj2ed:JtkfYfBeIdujqOL

Score

7^/10

Malware Config

Targets

- Target
  
  534ba85ab21c5c7d73e099e7b16b63c1
- Size
  
  1000KB
- MD5
  
  534ba85ab21c5c7d73e099e7b16b63c1
- SHA1
  
  273a719900b96a3a0477c4e565c67742546fba1d
- SHA256
  
  fb93b3197c7e85e672ac9fa1a7895b241f4cd932e40ce21ab5f3d06f4fbc4cfc
- SHA512
  
  d941a341a0e41c87cb6efc0c0b91a4ca232168373e6c6e8208a91ec90cd57bf75fcd0589e7bc47c2f1cb7a896dca8fcaef838fa49c35feec89f85af11a3bcc74
- SSDEEP
  
  24576:TYIRTkFDtDPxGfZppplEpImBahMr1B+5vMiqt0gj2ed:JtkfYfBeIdujqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2