4b6ce94bf01f5dbe1713e9bab41a1b5c748a110b0eb33a2d226ff03981b4cf23 | Triage

Sharing

General

Target

672a18398121724cfc2b074916dd0cd4
Size

506KB
Sample

240119-kffz5aagg9
MD5

672a18398121724cfc2b074916dd0cd4
SHA1

268f6c3755684a58b314a8c7f5c0f7b2dd885d23
SHA256

4b6ce94bf01f5dbe1713e9bab41a1b5c748a110b0eb33a2d226ff03981b4cf23
SHA512

a9db269f5968f4268f37d7819398e01e73102a2c85b553a1e59e006616882e57a926106baee0a2203a414767610f559d8f73f9f3a1ec5cfca4b99290f68eedc5
SSDEEP

12288:sRa+RFDTQcvPR8IF7Xaq/BhB7os21LWUvIpxOcQ+LZRo:Q1RFIcvJjF7X5wtJcQ+LA

Score

7^/10

Malware Config

Targets

- Target
  
  672a18398121724cfc2b074916dd0cd4
- Size
  
  506KB
- MD5
  
  672a18398121724cfc2b074916dd0cd4
- SHA1
  
  268f6c3755684a58b314a8c7f5c0f7b2dd885d23
- SHA256
  
  4b6ce94bf01f5dbe1713e9bab41a1b5c748a110b0eb33a2d226ff03981b4cf23
- SHA512
  
  a9db269f5968f4268f37d7819398e01e73102a2c85b553a1e59e006616882e57a926106baee0a2203a414767610f559d8f73f9f3a1ec5cfca4b99290f68eedc5
- SSDEEP
  
  12288:sRa+RFDTQcvPR8IF7Xaq/BhB7os21LWUvIpxOcQ+LZRo:Q1RFIcvJjF7X5wtJcQ+LA
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2