6cbfe1688619e7fa5833c1bd977600c773de5f645eb2cb18a6bdb687ce2d3aac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

539c983312a60b5865cc5b99275eaed2
Size

1000KB
Sample

240111-qfnymahbh3
MD5

539c983312a60b5865cc5b99275eaed2
SHA1

83d2ddf2e4ec091126b9a7b0853cf7fc50415281
SHA256

6cbfe1688619e7fa5833c1bd977600c773de5f645eb2cb18a6bdb687ce2d3aac
SHA512

55c79449a93dbfca8ddfe47d4e7d6a38e17d4b8e0dee453439e91d3a5d1e9e09e4ac3fe30a2b3e9f540e00c5dbed77c5a8ef65a958713ceae8f7a5308f615efa
SSDEEP

24576:XUqoRTWU5cksNjVWgHht1B+5vMiqt0gj2ed:foR66cksNjVZ/qOL

Score

7^/10

Malware Config

Targets

- Target
  
  539c983312a60b5865cc5b99275eaed2
- Size
  
  1000KB
- MD5
  
  539c983312a60b5865cc5b99275eaed2
- SHA1
  
  83d2ddf2e4ec091126b9a7b0853cf7fc50415281
- SHA256
  
  6cbfe1688619e7fa5833c1bd977600c773de5f645eb2cb18a6bdb687ce2d3aac
- SHA512
  
  55c79449a93dbfca8ddfe47d4e7d6a38e17d4b8e0dee453439e91d3a5d1e9e09e4ac3fe30a2b3e9f540e00c5dbed77c5a8ef65a958713ceae8f7a5308f615efa
- SSDEEP
  
  24576:XUqoRTWU5cksNjVWgHht1B+5vMiqt0gj2ed:foR66cksNjVZ/qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2