6cffbec513d030e477536943cde2f16211cd49130b4a1b9e0952a5fe0163976b | Triage

Sharing

General

Target

70953ddd23670f75e1c11dcb1fa9fcf6
Size

241KB
Sample

240123-z5ln8sadd8
MD5

70953ddd23670f75e1c11dcb1fa9fcf6
SHA1

dfec90aa3048f6f82cf8ca8228934464e7873b4f
SHA256

6cffbec513d030e477536943cde2f16211cd49130b4a1b9e0952a5fe0163976b
SHA512

0299fab6d0576518111b529afcb915e93c3e68c327b4caa082d0aac4bc359f5674bb5aa3c4c702bcffbc9beaaed682ff903168d7da1364f16b08b2054e0996a2
SSDEEP

6144:7cwNNcJI3qncJGzcCd4sd9DeMg0kR5eGT6frkQ:7BNNG+qN2B5XA

Score

7^/10

Malware Config

Targets

- Target
  
  70953ddd23670f75e1c11dcb1fa9fcf6
- Size
  
  241KB
- MD5
  
  70953ddd23670f75e1c11dcb1fa9fcf6
- SHA1
  
  dfec90aa3048f6f82cf8ca8228934464e7873b4f
- SHA256
  
  6cffbec513d030e477536943cde2f16211cd49130b4a1b9e0952a5fe0163976b
- SHA512
  
  0299fab6d0576518111b529afcb915e93c3e68c327b4caa082d0aac4bc359f5674bb5aa3c4c702bcffbc9beaaed682ff903168d7da1364f16b08b2054e0996a2
- SSDEEP
  
  6144:7cwNNcJI3qncJGzcCd4sd9DeMg0kR5eGT6frkQ:7BNNG+qN2B5XA
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2