a631a17a51458f8dadaaac912513514d3988e1fee22a2a5a8820e8bbba4c100d | Triage

Sharing

General

Target

53814b3d1a2611c1586c942b16c7b361
Size

506KB
Sample

240111-pjx52affgj
MD5

53814b3d1a2611c1586c942b16c7b361
SHA1

2819c836d15b5ef3cc9798708adbad047992161d
SHA256

a631a17a51458f8dadaaac912513514d3988e1fee22a2a5a8820e8bbba4c100d
SHA512

516e479d4a9eaaca5cbead39e4092c40c9de85280322f63f46d3505bd3cebff98e9d7c03b100e0ae74a1792125fb303006d3c8e8fb0b1b393300e4b0ae91b248
SSDEEP

12288:IbVcoM5XAybv4Juw5Kd6YoOgNmgqnD3dk:6SD49KgYlmmbm

Score

7^/10

Malware Config

Targets

- Target
  
  53814b3d1a2611c1586c942b16c7b361
- Size
  
  506KB
- MD5
  
  53814b3d1a2611c1586c942b16c7b361
- SHA1
  
  2819c836d15b5ef3cc9798708adbad047992161d
- SHA256
  
  a631a17a51458f8dadaaac912513514d3988e1fee22a2a5a8820e8bbba4c100d
- SHA512
  
  516e479d4a9eaaca5cbead39e4092c40c9de85280322f63f46d3505bd3cebff98e9d7c03b100e0ae74a1792125fb303006d3c8e8fb0b1b393300e4b0ae91b248
- SSDEEP
  
  12288:IbVcoM5XAybv4Juw5Kd6YoOgNmgqnD3dk:6SD49KgYlmmbm
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2