ad2081c85e7ca326887f2f9bd2349ada67577279bb8fcdcb59561d5f12575e29 | Triage

Sharing

General

Target

537b6c64b619d34bae71c68127736081
Size

506KB
Sample

240111-pb8xkafeej
MD5

537b6c64b619d34bae71c68127736081
SHA1

cff82c27e034f1b6195a2058d6bd863a3f604f63
SHA256

ad2081c85e7ca326887f2f9bd2349ada67577279bb8fcdcb59561d5f12575e29
SHA512

5a77c77a9fad2ab0af5e4e74a26bfe4194df35280e484ca9cdad8b73a292b767013e75efb5d6e98d89b3ed32a1435f1c221a97151eeb42009e2464a609d2b189
SSDEEP

12288:22DPOAeT6AhEQtj/HWMZUCeJtbEgO8la5zQelR6e7S2:LPU60bx/HdUCe0gO8la68S2

Score

7^/10

Malware Config

Targets

- Target
  
  537b6c64b619d34bae71c68127736081
- Size
  
  506KB
- MD5
  
  537b6c64b619d34bae71c68127736081
- SHA1
  
  cff82c27e034f1b6195a2058d6bd863a3f604f63
- SHA256
  
  ad2081c85e7ca326887f2f9bd2349ada67577279bb8fcdcb59561d5f12575e29
- SHA512
  
  5a77c77a9fad2ab0af5e4e74a26bfe4194df35280e484ca9cdad8b73a292b767013e75efb5d6e98d89b3ed32a1435f1c221a97151eeb42009e2464a609d2b189
- SSDEEP
  
  12288:22DPOAeT6AhEQtj/HWMZUCeJtbEgO8la5zQelR6e7S2:LPU60bx/HdUCe0gO8la68S2
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2