5d9819d130efb87df907b01d7a0d0022affa4d588ff15e04861ab17602758ea5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5858c5acc08f88268910b3c8b3ea9c24
Size

1000KB
Sample

240113-jeaahsfag3
MD5

5858c5acc08f88268910b3c8b3ea9c24
SHA1

9f4267207537a390c153dd1fc3fcfd1265e01e3b
SHA256

5d9819d130efb87df907b01d7a0d0022affa4d588ff15e04861ab17602758ea5
SHA512

fc8aa0299846b8327ccd1c6e3f43350b46310a4d8e9c2516e602f1e164099f0d12cd6a6f98e143fcc320f24e5c5b34fa9bee48e9297de999cc499ddec20e6bf3
SSDEEP

24576:p9FwCTjI0W2po86o/cif6bWua1B+5vMiqt0gj2ed:Rg0NoXo/166qOL

Score

7^/10

Malware Config

Targets

- Target
  
  5858c5acc08f88268910b3c8b3ea9c24
- Size
  
  1000KB
- MD5
  
  5858c5acc08f88268910b3c8b3ea9c24
- SHA1
  
  9f4267207537a390c153dd1fc3fcfd1265e01e3b
- SHA256
  
  5d9819d130efb87df907b01d7a0d0022affa4d588ff15e04861ab17602758ea5
- SHA512
  
  fc8aa0299846b8327ccd1c6e3f43350b46310a4d8e9c2516e602f1e164099f0d12cd6a6f98e143fcc320f24e5c5b34fa9bee48e9297de999cc499ddec20e6bf3
- SSDEEP
  
  24576:p9FwCTjI0W2po86o/cif6bWua1B+5vMiqt0gj2ed:Rg0NoXo/166qOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2