6df8aef49707e3dc4cbd45e1115b99e3e546deefb4078e1f14a21cd50ffb85a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bdc013ba657dc2111e2c1c946cb846f
Size

1000KB
Sample

240115-ck3qpagcg2
MD5

5bdc013ba657dc2111e2c1c946cb846f
SHA1

df4393bfd1a72cf2a000c9d61eb636f7ac5a49be
SHA256

6df8aef49707e3dc4cbd45e1115b99e3e546deefb4078e1f14a21cd50ffb85a3
SHA512

f83fe3ff84b82a4b9c818bf58d4eeca7cfc7fc1a4a8cca8937bb3ef87747782d83b4db59543bbb57c4a5b616cc584bd33b4501858bdbbe595e8684db268a7005
SSDEEP

24576:c5w3+cxyjw/7qL7L4xEOvLa1B+5vMiqt0gj2ed:/3+BjSqr4jzwqOL

Score

7^/10

Malware Config

Targets

- Target
  
  5bdc013ba657dc2111e2c1c946cb846f
- Size
  
  1000KB
- MD5
  
  5bdc013ba657dc2111e2c1c946cb846f
- SHA1
  
  df4393bfd1a72cf2a000c9d61eb636f7ac5a49be
- SHA256
  
  6df8aef49707e3dc4cbd45e1115b99e3e546deefb4078e1f14a21cd50ffb85a3
- SHA512
  
  f83fe3ff84b82a4b9c818bf58d4eeca7cfc7fc1a4a8cca8937bb3ef87747782d83b4db59543bbb57c4a5b616cc584bd33b4501858bdbbe595e8684db268a7005
- SSDEEP
  
  24576:c5w3+cxyjw/7qL7L4xEOvLa1B+5vMiqt0gj2ed:/3+BjSqr4jzwqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2