e405badd0fa6a77298949da92a1dbaab52ab1f3132ce711f9483b5bee16fd863 | Triage

Sharing

General

Target

580d96933c3b09ec49c014fd44d8b0dd
Size

1000KB
Sample

240113-fqkzlsceej
MD5

580d96933c3b09ec49c014fd44d8b0dd
SHA1

946c94460619ac7e64cd9a04b46900a9ee802463
SHA256

e405badd0fa6a77298949da92a1dbaab52ab1f3132ce711f9483b5bee16fd863
SHA512

74faa84b22f3ba5e92bc237471bf630ad4155ac1b45d3bf13f01d65245661b884287d72d004aabcc352b6fdaf11f3a70fc0f92555e8e84ca618c1b93478b3b6d
SSDEEP

24576:O/wkoY+vmAMbJ063OBr1B+5vMiqt0gj2ed:OIkdpbJ063OBjqOL

Score

7^/10

Malware Config

Targets

- Target
  
  580d96933c3b09ec49c014fd44d8b0dd
- Size
  
  1000KB
- MD5
  
  580d96933c3b09ec49c014fd44d8b0dd
- SHA1
  
  946c94460619ac7e64cd9a04b46900a9ee802463
- SHA256
  
  e405badd0fa6a77298949da92a1dbaab52ab1f3132ce711f9483b5bee16fd863
- SHA512
  
  74faa84b22f3ba5e92bc237471bf630ad4155ac1b45d3bf13f01d65245661b884287d72d004aabcc352b6fdaf11f3a70fc0f92555e8e84ca618c1b93478b3b6d
- SSDEEP
  
  24576:O/wkoY+vmAMbJ063OBr1B+5vMiqt0gj2ed:OIkdpbJ063OBjqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2