0b61ca37c91378ef5cbf05b0b9e35c89c3bef6f191a8b5766cc871ffcbb7fc50 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56257041ae6da5696535d3b7b511eea8
Size

1000KB
Sample

240112-lz35faeef9
MD5

56257041ae6da5696535d3b7b511eea8
SHA1

58136cbdc3da4bccd05a02c10f5db7b4a7da8047
SHA256

0b61ca37c91378ef5cbf05b0b9e35c89c3bef6f191a8b5766cc871ffcbb7fc50
SHA512

6c45a1fd5bae50cf610176eab6b3888c10f4278a2e27deb2d4af48cf14b68cdb0122a6d23695f9946e1e3d3485c2c55960437a0a7379e2081f40d109443561a3
SSDEEP

24576:vK5i+NIzLnWsF7Q9qYe3+81B+5vMiqt0gj2ed:2pOzrWs5Q9qPxqOL

Score

7^/10

Malware Config

Targets

- Target
  
  56257041ae6da5696535d3b7b511eea8
- Size
  
  1000KB
- MD5
  
  56257041ae6da5696535d3b7b511eea8
- SHA1
  
  58136cbdc3da4bccd05a02c10f5db7b4a7da8047
- SHA256
  
  0b61ca37c91378ef5cbf05b0b9e35c89c3bef6f191a8b5766cc871ffcbb7fc50
- SHA512
  
  6c45a1fd5bae50cf610176eab6b3888c10f4278a2e27deb2d4af48cf14b68cdb0122a6d23695f9946e1e3d3485c2c55960437a0a7379e2081f40d109443561a3
- SSDEEP
  
  24576:vK5i+NIzLnWsF7Q9qYe3+81B+5vMiqt0gj2ed:2pOzrWs5Q9qPxqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2