6d6bd50f7fd352a1427ad0841d7d87e99b5158aaaa2931241c1d6191b326cd72 | Triage

Sharing

General

Target

6592b83e67f38d722803443ff8dd8540
Size

506KB
Sample

240118-vnzsbaeec2
MD5

6592b83e67f38d722803443ff8dd8540
SHA1

a3e66f1be1b1f5821f26ac65ad67b28b78d0f0ce
SHA256

6d6bd50f7fd352a1427ad0841d7d87e99b5158aaaa2931241c1d6191b326cd72
SHA512

31a8d4008d0829b823b81ff061d731373c29183a63b730a58b51fba431df9f89a34a833159304bf4da6955d491887cfe0c0213ff697ab1dbf076f24e56d5b819
SSDEEP

6144:jjlZffuH/xIFU0EugicBhFwdU+ZNHbMLpqkA8zGglUTO67qHm/EdUzRLmddMmevT:jJZ+GLEu/UUHGZ5GglCOLm8dAV8dMDlx

Score

7^/10

Malware Config

Targets

- Target
  
  6592b83e67f38d722803443ff8dd8540
- Size
  
  506KB
- MD5
  
  6592b83e67f38d722803443ff8dd8540
- SHA1
  
  a3e66f1be1b1f5821f26ac65ad67b28b78d0f0ce
- SHA256
  
  6d6bd50f7fd352a1427ad0841d7d87e99b5158aaaa2931241c1d6191b326cd72
- SHA512
  
  31a8d4008d0829b823b81ff061d731373c29183a63b730a58b51fba431df9f89a34a833159304bf4da6955d491887cfe0c0213ff697ab1dbf076f24e56d5b819
- SSDEEP
  
  6144:jjlZffuH/xIFU0EugicBhFwdU+ZNHbMLpqkA8zGglUTO67qHm/EdUzRLmddMmevT:jJZ+GLEu/UUHGZ5GglCOLm8dAV8dMDlx
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2