e11248b38c239cefa372174c94182e7bce13e2576cd917f2e434da5614e730e0 | Triage

Sharing

General

Target

6fe7cf98e62ad23876244e6e13d3b591
Size

506KB
Sample

240122-v8d2cabhc4
MD5

6fe7cf98e62ad23876244e6e13d3b591
SHA1

058f633e859a4c99daa58caa30617fd14c473034
SHA256

e11248b38c239cefa372174c94182e7bce13e2576cd917f2e434da5614e730e0
SHA512

a7756234f6821bc9c04f2e34e1d02a96ca12d804ac44c79107bee856a4b86762514242268077d694db65ce0ae53915568c567cf0950004cc357624ee178ca0f7
SSDEEP

12288:0MzOQYaOVwVlJqYtCffDX38T40L+f4JNdO2:0oYaO6Vl5IfX0qfkNdO2

Score

7^/10

Malware Config

Targets

- Target
  
  6fe7cf98e62ad23876244e6e13d3b591
- Size
  
  506KB
- MD5
  
  6fe7cf98e62ad23876244e6e13d3b591
- SHA1
  
  058f633e859a4c99daa58caa30617fd14c473034
- SHA256
  
  e11248b38c239cefa372174c94182e7bce13e2576cd917f2e434da5614e730e0
- SHA512
  
  a7756234f6821bc9c04f2e34e1d02a96ca12d804ac44c79107bee856a4b86762514242268077d694db65ce0ae53915568c567cf0950004cc357624ee178ca0f7
- SSDEEP
  
  12288:0MzOQYaOVwVlJqYtCffDX38T40L+f4JNdO2:0oYaO6Vl5IfX0qfkNdO2
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2