9b47761635a1ff675a07fe5be0ebe180bf56a7f56bfdb43cc929b2dc0c6648a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64fe721e11dd79678cbe9cb58884d737
Size

506KB
Sample

240118-kv7rdsghe6
MD5

64fe721e11dd79678cbe9cb58884d737
SHA1

8845c733179b02f657b9f11a30f077f88013268d
SHA256

9b47761635a1ff675a07fe5be0ebe180bf56a7f56bfdb43cc929b2dc0c6648a8
SHA512

54d8cd91893dce4f85b257e506c22140669cd5d90bdc526e2c8ebaa83768a8ff05da47a2df243f4fefe06bbf835edadc729720ad9ca45edb8770725571b9562f
SSDEEP

12288:Q+uPEQ2qyzdVlxUwzQcP/u3ynnHd7F96yPsziRjbcMljD:Q6D7XUwP3nH/96yPsONcMx

Score

7^/10

Malware Config

Targets

- Target
  
  64fe721e11dd79678cbe9cb58884d737
- Size
  
  506KB
- MD5
  
  64fe721e11dd79678cbe9cb58884d737
- SHA1
  
  8845c733179b02f657b9f11a30f077f88013268d
- SHA256
  
  9b47761635a1ff675a07fe5be0ebe180bf56a7f56bfdb43cc929b2dc0c6648a8
- SHA512
  
  54d8cd91893dce4f85b257e506c22140669cd5d90bdc526e2c8ebaa83768a8ff05da47a2df243f4fefe06bbf835edadc729720ad9ca45edb8770725571b9562f
- SSDEEP
  
  12288:Q+uPEQ2qyzdVlxUwzQcP/u3ynnHd7F96yPsziRjbcMljD:Q6D7XUwP3nH/96yPsONcMx
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2