4de66b7be4a9cee404125a953e21e4df04d6d5652d0eb55173ac364dc193527e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56705f5bcde93cdabeb8ff1db8010e36
Size

506KB
Sample

240112-pgldfsffdj
MD5

56705f5bcde93cdabeb8ff1db8010e36
SHA1

1a77fd48b58eb516863a937c4239a173431f4c9a
SHA256

4de66b7be4a9cee404125a953e21e4df04d6d5652d0eb55173ac364dc193527e
SHA512

4fdde28864092f0862a3319f3efa7f69058e68ba648db5be1a1e7bb70f060578908f7bfa4a4288d29b18549150ac661e716e0411a66f7dbcfd163e283d0141be
SSDEEP

12288:NNQT47bLium+ZmGk0Bwe2RDAwUExAWym+Iq5s7hW1n7Yk72PiNIO60qoEwN:EIKueVRDwEWWym+IQs14/6PUI0q56

Score

7^/10

Malware Config

Targets

- Target
  
  56705f5bcde93cdabeb8ff1db8010e36
- Size
  
  506KB
- MD5
  
  56705f5bcde93cdabeb8ff1db8010e36
- SHA1
  
  1a77fd48b58eb516863a937c4239a173431f4c9a
- SHA256
  
  4de66b7be4a9cee404125a953e21e4df04d6d5652d0eb55173ac364dc193527e
- SHA512
  
  4fdde28864092f0862a3319f3efa7f69058e68ba648db5be1a1e7bb70f060578908f7bfa4a4288d29b18549150ac661e716e0411a66f7dbcfd163e283d0141be
- SSDEEP
  
  12288:NNQT47bLium+ZmGk0Bwe2RDAwUExAWym+Iq5s7hW1n7Yk72PiNIO60qoEwN:EIKueVRDwEWWym+IQs14/6PUI0q56
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2