777907e460c3683666b57f3cba307fc2ec36c85ef383b87974954385e1a091d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

582ca5d22d1f6491710a495d9b8daa8a
Size

535KB
Sample

240113-gt2bfadhh7
MD5

582ca5d22d1f6491710a495d9b8daa8a
SHA1

dbb3f337e197af145b1963dec44c75501fe717c2
SHA256

777907e460c3683666b57f3cba307fc2ec36c85ef383b87974954385e1a091d8
SHA512

96dafc8332fc7566c077541ea86792af1ab5bb5436b542ca9ef9d61c287104214ddf54c60585cce9905d54c8f8b1b44f6f67f13ba7740af7f04da69623a56b05
SSDEEP

12288:KVoNih3ODZaK1y6Q85yKCVze9lqWOvabSw7VgJmQ:yha0nKYzOOy5Q

Score

7^/10

Malware Config

Targets

- Target
  
  582ca5d22d1f6491710a495d9b8daa8a
- Size
  
  535KB
- MD5
  
  582ca5d22d1f6491710a495d9b8daa8a
- SHA1
  
  dbb3f337e197af145b1963dec44c75501fe717c2
- SHA256
  
  777907e460c3683666b57f3cba307fc2ec36c85ef383b87974954385e1a091d8
- SHA512
  
  96dafc8332fc7566c077541ea86792af1ab5bb5436b542ca9ef9d61c287104214ddf54c60585cce9905d54c8f8b1b44f6f67f13ba7740af7f04da69623a56b05
- SSDEEP
  
  12288:KVoNih3ODZaK1y6Q85yKCVze9lqWOvabSw7VgJmQ:yha0nKYzOOy5Q
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2