ae86d7d7151eef17c2bbbdda74ce298362eb874344fdc41a6c542d72f2b0a31b | Triage

Sharing

General

Target

5811412a8cf5b213a4c145ba4f772f12
Size

506KB
Sample

240113-fv9hrscfbq
MD5

5811412a8cf5b213a4c145ba4f772f12
SHA1

f3744207e2263573bffb42afac47236339b5afaa
SHA256

ae86d7d7151eef17c2bbbdda74ce298362eb874344fdc41a6c542d72f2b0a31b
SHA512

0e833c0c5842e4f86793b1f7aa4d952b20b557c6358fc6f679a9206b59e8dc8971d5813f77477f04dc11c9f60091e90897cb4c32c2cc9aef9e1bb27a6648bda4
SSDEEP

12288:QhroMQHJ+srmfVjkkEBAvpbeEkHNUBBPUJRX07NZtnr:gQMmmtjzvAEsNUBBpNZtnr

Score

7^/10

Malware Config

Targets

- Target
  
  5811412a8cf5b213a4c145ba4f772f12
- Size
  
  506KB
- MD5
  
  5811412a8cf5b213a4c145ba4f772f12
- SHA1
  
  f3744207e2263573bffb42afac47236339b5afaa
- SHA256
  
  ae86d7d7151eef17c2bbbdda74ce298362eb874344fdc41a6c542d72f2b0a31b
- SHA512
  
  0e833c0c5842e4f86793b1f7aa4d952b20b557c6358fc6f679a9206b59e8dc8971d5813f77477f04dc11c9f60091e90897cb4c32c2cc9aef9e1bb27a6648bda4
- SSDEEP
  
  12288:QhroMQHJ+srmfVjkkEBAvpbeEkHNUBBPUJRX07NZtnr:gQMmmtjzvAEsNUBBpNZtnr
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2