9ee0093ab157cb90e0c2179c1517e9be08519cc16765b594241c6d1340a67140 | Triage

Sharing

General

Target

57592ea2c66f6380ddc3cc001a12c947
Size

241KB
Sample

240112-yhm34sedal
MD5

57592ea2c66f6380ddc3cc001a12c947
SHA1

41b28aa96e5bbbff1dc4727aeba533a40fe41be8
SHA256

9ee0093ab157cb90e0c2179c1517e9be08519cc16765b594241c6d1340a67140
SHA512

b9cea9b33f925ad1f93961313797568f36d9136c96fead91e19a6df4dd282f23733d45baef07e53f2bf7cbc404afb892de8e0a44f8e06149b31b6f783dcdcc19
SSDEEP

6144:FLgndA9Fzc9/b9cTzh31x5ZNs0j1pUF7c7P/5RUt2ANw:FLgwFS/C/hf5Za4EC/5RUt2P

Score

7^/10

Malware Config

Targets

- Target
  
  57592ea2c66f6380ddc3cc001a12c947
- Size
  
  241KB
- MD5
  
  57592ea2c66f6380ddc3cc001a12c947
- SHA1
  
  41b28aa96e5bbbff1dc4727aeba533a40fe41be8
- SHA256
  
  9ee0093ab157cb90e0c2179c1517e9be08519cc16765b594241c6d1340a67140
- SHA512
  
  b9cea9b33f925ad1f93961313797568f36d9136c96fead91e19a6df4dd282f23733d45baef07e53f2bf7cbc404afb892de8e0a44f8e06149b31b6f783dcdcc19
- SSDEEP
  
  6144:FLgndA9Fzc9/b9cTzh31x5ZNs0j1pUF7c7P/5RUt2ANw:FLgwFS/C/hf5Za4EC/5RUt2P
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2