a9bf01427ee0ccf0b79c0e712bb039fe4ca8e5c49cf4cd4e4b5bce78c2a61027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75d76f34c7a4428cf24018d233ff35e8
Size

506KB
Sample

240125-3yk1xahhf9
MD5

75d76f34c7a4428cf24018d233ff35e8
SHA1

b788e6a11454846e7e677bbc2ccca1bec627dcd5
SHA256

a9bf01427ee0ccf0b79c0e712bb039fe4ca8e5c49cf4cd4e4b5bce78c2a61027
SHA512

961010504d4bdaed2da38dbd141da428c51f811a61472ffc713105a718db1662e5a75d6abba074a8fe10c79a1d1a40aabf17a5ecfca982e3866c8bb9927d4ca6
SSDEEP

6144:d0Zxlnfch77tafG5/MKJbaouvh5zgqK2vdQxXe3FnY9kr4OhjlOWdSm:C1fM7cfSfJba7vhjK2vdQ0nY9kkO60X

Score

7^/10

Malware Config

Targets

- Target
  
  75d76f34c7a4428cf24018d233ff35e8
- Size
  
  506KB
- MD5
  
  75d76f34c7a4428cf24018d233ff35e8
- SHA1
  
  b788e6a11454846e7e677bbc2ccca1bec627dcd5
- SHA256
  
  a9bf01427ee0ccf0b79c0e712bb039fe4ca8e5c49cf4cd4e4b5bce78c2a61027
- SHA512
  
  961010504d4bdaed2da38dbd141da428c51f811a61472ffc713105a718db1662e5a75d6abba074a8fe10c79a1d1a40aabf17a5ecfca982e3866c8bb9927d4ca6
- SSDEEP
  
  6144:d0Zxlnfch77tafG5/MKJbaouvh5zgqK2vdQxXe3FnY9kr4OhjlOWdSm:C1fM7cfSfJba7vhjK2vdQ0nY9kkO60X
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2