99e725cf4dd7b836d013e7e4c99b3c8b296f5d398406212a50664261b980d596 | Triage

Sharing

General

Target

53b7e03aef49f8621007b7ac062b455c
Size

535KB
Sample

240111-rfewdsaaf6
MD5

53b7e03aef49f8621007b7ac062b455c
SHA1

0197c730fb2ed0c9322e17330adafbde60c01d4d
SHA256

99e725cf4dd7b836d013e7e4c99b3c8b296f5d398406212a50664261b980d596
SHA512

6613f9cf739d782af0d58ff0bf6d0bf8f9144cae9b6acb9d486b9824719e18c0035505efac5d07c6e98b6dce36f1c9cde1399784f7761721ed66ada470ea7365
SSDEEP

12288:aYHNdtX30ZxjEgUxwVNZ80ihqZdCVze9lqWOvabSw7VgJmQ:vHvkHH3Z8t8dYzOOy5Q

Score

7^/10

Malware Config

Targets

- Target
  
  53b7e03aef49f8621007b7ac062b455c
- Size
  
  535KB
- MD5
  
  53b7e03aef49f8621007b7ac062b455c
- SHA1
  
  0197c730fb2ed0c9322e17330adafbde60c01d4d
- SHA256
  
  99e725cf4dd7b836d013e7e4c99b3c8b296f5d398406212a50664261b980d596
- SHA512
  
  6613f9cf739d782af0d58ff0bf6d0bf8f9144cae9b6acb9d486b9824719e18c0035505efac5d07c6e98b6dce36f1c9cde1399784f7761721ed66ada470ea7365
- SSDEEP
  
  12288:aYHNdtX30ZxjEgUxwVNZ80ihqZdCVze9lqWOvabSw7VgJmQ:vHvkHH3Z8t8dYzOOy5Q
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2